2.5 Admins 2.5 Admins 282: Fragile DNS
20 snips
Jan 15, 2026 Discover how a Cloudflare DNS change brought Cisco routers to their knees! Dive into the latest Microsoft Copilot exploit that quietly stole user data through crafty prompts. The Pentagon is making waves by planning to integrate Musk's AI tool, Grok, into its networks—what could possibly go wrong? Plus, get expert tips on managing LVM snapshots versus ZFS for optimal data handling. Join the conversation as tech experts unravel these intriguing topics!
AI Snips
Chapters
Transcript
Episode notes
Fragile DNS In Embedded Cisco Gear
- Cisco devices crashed when Cloudflare changed CNAME/additional record ordering, revealing fragile DNS handling.
- Jim Salter and Allan Jude argue embedded resolvers must be replaced with proper resolvers like Bind or Unbound.
Run A Proper Resolver, Not Embedded DNS
- Replace fragile embedded DNS with maintained resolvers like Bind or Unbound.
- Run a proper recursive resolver rather than relying on tiny, unvetted embedded code.
Standards-Compliant Responses Shouldn't Crash Devices
- Cisco's DNS client didn't just fail lookup; it crashed the resolver process leading to local DoS.
- The hosts likely suffer from poor input validation and potential memory-safety bugs.
