Re: solution: MS02-015 (Q319182) breaks intranet cookies

From: Russ (Russ.Cooper@RC.ON.CA)
Date: 04/11/02


Date:         Thu, 11 Apr 2002 13:12:00 -0400
From: Russ <Russ.Cooper@RC.ON.CA>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

Sorry about this RFC chatter, but...

"Paul B. Hill" <pbh@MIT.EDU> said;
-------
Please remember that the statement;

"The underscore character should not be used in dns names in the first
place. From page one of RFC 952..."

Only applies to some DNS records.

From RFC2782:

The format of the SRV RR

   Here is the format of the SRV RR, whose DNS type code is 33:

        _Service._Proto.Name TTL Class SRV Priority Weight Port Target

        (There is an example near the end of this document.)

   Service
        The symbolic name of the desired service, as defined in Assigned
        Numbers [STD 2] or locally. An underscore (_) is prepended to
        the service identifier to avoid collisions with DNS labels that
        occur in nature.
...
Changes from RFC 2052

   This document obsoletes RFC 2052. The major change from that
   previous, experimental, version of this specification is that now the
   protocol and service labels are prepended with an underscore, to
   lower the probability of an accidental clash with a similar name used
   for unrelated purposes.
-------

and "Farrow, Jon" <JFarrow@SCSPA.com> pointed out;
-------
The Clarification to DNS specification (RFC 2181) enlarges the character
set allowed in DNS names. It specifies that a DNS label can be any
binary string, and it does not necessarily have to be interpreted as
ASCII. Both Win2k DNS and the latest Bind (9.2?) support this.

http://www.rfc-editor.org/rfc/rfc2181.txt
-------

Cheers,
Russ - NTBugtraq Editor
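
The distinction drawn by the RFC passages quoted in this message, as an added example that is not part of the original post: a name can be acceptable to DNS under RFC 2181, or be an SRV owner name under RFC 2782, and still fail the host-name rules of RFC 952. The function names and the sample names are constructed for illustration; the host-name pattern uses the RFC 1123 relaxation of RFC 952, and the length limits are those of RFC 1035/2181.

```python
import re

# Host-name label per RFC 952 as relaxed by RFC 1123: letters, digits and
# hyphen only, no leading or trailing hyphen, 1..63 characters.
HOST_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")


def labels_of(name):
    """Split a textual name into labels, ignoring one trailing root dot."""
    return (name[:-1] if name.endswith(".") else name).split(".")


def valid_dns_name(name):
    """RFC 2181 view: any octets are allowed, only the length limits apply."""
    raw = [label.encode("utf-8") for label in labels_of(name)]
    wire_len = sum(len(r) + 1 for r in raw) + 1  # length octets plus root
    return all(1 <= len(r) <= 63 for r in raw) and wire_len <= 255


def valid_hostname(name):
    """RFC 952/1123 view: every label must be letters, digits or hyphen."""
    return valid_dns_name(name) and all(
        HOST_LABEL.fullmatch(label) for label in labels_of(name))


def is_srv_owner(name):
    """RFC 2782 owner name: _Service._Proto.Name."""
    labels = labels_of(name)
    return (valid_dns_name(name) and len(labels) >= 3
            and all(l.startswith("_") and len(l) > 1 for l in labels[:2]))


def classify(name):
    if not valid_dns_name(name):
        return "invalid"
    if valid_hostname(name):
        return "hostname"
    return "srv-owner" if is_srv_owner(name) else "dns-only"


def underscore_hosts(names):
    """Names valid in DNS that fail the host-name rules and contain '_'."""
    return [n for n in names if classify(n) == "dns-only" and "_" in n]


# Constructed sample names, not taken from the thread.
SAMPLE = ["intranet.example.com", "my_server.example.com",
          "_ldap._tcp.example.com", "-edge.example.com", "a..example.com"]

if __name__ == "__main__":
    for n in SAMPLE:
        print(f"{n:28} {classify(n)}")
    print("underscore host names:", underscore_hosts(SAMPLE))
```

Run over an exported list of intranet names, `underscore_hosts` picks out the underscore-bearing names that are not SRV owner names, which is the case the RFC 952 remark is about.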


