nanog mailing list archives

Re: Exploit for DNS Cache Poisoning - RELEASED

From: Mike Lewinski <mike () rockynet com>
Date: Wed, 23 Jul 2008 16:58:43 -0600

Joe Greco wrote:

So, I have to assume that I'm missing some unusual aspect to this attack.
I guess I'm getting older, and that's not too shocking.  Anybody see it?

AFAIK, the main novelty is the ease with which bogus NS records can beinserted. It may be hard to get a specific A record(www.victimsbank.com) cached, but if you can shim in the NS records ofyour ns.poisoner.com authority, then getting the real target A record istrivial since you'll be asked directly for it (and can wait for thelegit clients to ask for it for you).


Mike

Current thread:

Re: Software router state of the art, (continued)
- - - Re: Software router state of the art Wes Young (Jul 23)
    - Message not available
    - Re: Software router state of the art William Herrin (Jul 23)
    - Re: Software router state of the art Kevin Oberman (Jul 23)
    - Re: Software router state of the art William Herrin (Jul 23)
    - Re: Software router state of the art Kevin Oberman (Jul 23)
    - sizing router buffers (Re: Software router state of the art ) Mikael Abrahamsson (Jul 23)
    - Exploit for DNS Cache Poisoning - RELEASED Robert D. Scott (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Joe Greco (Jul 23)
    - RE: Exploit for DNS Cache Poisoning - RELEASED Robert D. Scott (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED David Conrad (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Mike Lewinski (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Kevin Day (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Joe Greco (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED William Herrin (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Joe Greco (Jul 24)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Tony Finch (Jul 24)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Joe Abley (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Jasper Bryant-Greene (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Patrick W. Gilmore (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Jared Mauch (Jul 23)
    - Re: Exploit for DNS Cache Poisoning - RELEASED Mike Lewinski (Jul 23)

(Thread continues...)