Educause Security Discussion mailing list archives
Re: DNSSEC Deployment
From: Jason Frisvold <frisvolj () LAFAYETTE EDU>
Date: Mon, 17 May 2010 17:06:00 -0400
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/17/2010 04:43 PM, Joe St Sauver wrote:
Just to mention three examples: -- ATT Austin Texas http://www.pcworld.com/businesscenter/article/149126/dns_attack_wri ter_a_victim_of_his_own_creation.html (URL split due to length) -- Brasilian Banks http://www.theregister.co.uk/2009/04/22/bandesco_cache_poisoning_attack/ -- China Netcom http://securitylabs.websense.com/content/Alerts/3163.aspx
While all three of these appear to have occurred *after* the Kaminsky vulnerability was released, there doesn't seem to be any indication as to whether these systems were patched. Poisoning a cache that has been patched to randomize query IDs takes a significant amount of time and generates a lot of traffic. It is also fairly easy to detect as I believe signatures exist for most of the major IDS vendors.
Regards, Joe
- -- - --------------------------- Jason Frisvold Network Engineer frisvolj () lafayette edu - --------------------------- "What I cannot create, I do not understand" - Richard Feynman -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.13 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkvxr7gACgkQO80o6DJ8UvkI9gCfcXm2Uk3nHrQHplrBqtBwPo40 tAkAn38Qc8O3ySTVUDLVOwzYHqzWSN0X =xOIH -----END PGP SIGNATURE-----
Current thread:
- Re: DNSSEC Deployment, (continued)
- Re: DNSSEC Deployment Michael Sinatra (May 17)
- Re: DNSSEC Deployment John Kristoff (May 17)
- Re: DNSSEC Deployment Jason Frisvold (May 17)
- Re: DNSSEC Deployment John Ladwig (May 17)
- Re: DNSSEC Deployment Joe St Sauver (May 17)
- Re: DNSSEC Deployment Michael Sinatra (May 17)
- Re: DNSSEC Deployment Joe St Sauver (May 17)
- Re: DNSSEC Deployment Michael Sinatra (May 17)
- Re: DNSSEC Deployment John Kristoff (May 17)
- Re: DNSSEC Deployment Jason Frisvold (May 17)
- Re: DNSSEC Deployment Jason Frisvold (May 17)
- Re: DNSSEC Deployment Bruce Curtis (May 17)
- Re: DNSSEC Deployment John Kristoff (May 17)
- Re: DNSSEC Deployment Michael Sinatra (May 17)
- Re: DNSSEC Deployment John Ladwig (May 17)
- Re: DNSSEC Deployment Michael Sinatra (May 17)