>I was just wondering if BIND ver. 4.9(.2) uses the ID word to match
>a query to a reply or is the ID field for the reply ignored?
>My motivation for the question: Can someone force-feed a bogus answer
>to a resolver or named query sent to an external nameserver. It seems to
>me that a bogus answer would need the correct 16bit ID field of the query
>to be accepted (depending on how BIND uses this ID).
> Indeed, BIND does compare the ID field to match responses to queries.
> Forcefeeding a bogus answer isn't easy. It has been made even
> more difficult with the VALIDATE patch in BIND 4.9.2. Wait for
> the public release and read accompanying notes to figure out
> how to use it.
John L. MacFarlane (John .
6487A Calle Real (805) 967-5022
Santa Barbara, California 93117 (805) 964-4507 Fax.