DNS Cache Poisoning attack

From: Ravi Chunduru <ravi.is.chunduru_at_nospam>
Date: Thu Jul 17 2008 - 02:38:12 GMT
To: "Focus IDS" <focus-ids@securityfocus.com>

Does anybody have snort or Intrupro-IPS signature(s) to detect DNS Cache Poisoning attack?
Also, is there any PoC to simulate the attack and test the effectiveness of signature(s)?

thanks
Ravi

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE IMPACT. Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw to learn more.

This message: [ Message body ]
Next message: Jamie Riden: "Re: Remote File include (RFI) vulnerabilities"
Previous message: Ravi Chunduru: "Remote File include (RFI) vulnerabilities"
Next in thread: Joel Esler: "Re: DNS Cache Poisoning attack"
Reply: Joel Esler: "Re: DNS Cache Poisoning attack"
Reply: Mario A. Spinthiras: "Re: DNS Cache Poisoning attack"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]