Preety quickly in relative terms...
DJB pointed out the vulnerability back in July 2001... that would be
more than 7 years (http://cr.yp.to/djbdns/forgery-cost.txt).
\Lego
On Mon, Aug 4, 2008 at 7:08 PM, Gerald Combs <gerald@xxxxxxxxxxxxx> wrote:
> On Mon, 04 Aug 2008 11:29:54 +0200, Jaap Keuter <jaap.keuter@xxxxxxxxx>
> wrote:
>> That was talk about c-ares as replacement for adns. It came out on top of
>> my
>> preference list (further candidates: UDNS and posadis). I have had no
> time
>> to
>> investigate this any further, let alone start design/implementation.
>
> It looks like the c-ares community reacted pretty quickly to the DNS
> poisoning flaw discovered recently
> (http://daniel.haxx.se/projects/c-ares/mail/c-ares-archive-2008-07/) while
> the ADNS community hasn't (http://www.kb.cert.org/vuls/id/MIMG-7ECL5U).
> This is probably a good hint that we should switch.
>
> _______________________________________________
> Wireshark-dev mailing list
> Wireshark-dev@xxxxxxxxxxxxx
> https://wireshark.org/mailman/listinfo/wireshark-dev
>
--
This information is top security. When you have read it, destroy yourself.
-- Marshall McLuhan