nanog mailing list archives
Re: Exploit for DNS Cache Poisoning - RELEASED
From: Joe Abley <jabley () ca afilias info>
Date: Wed, 23 Jul 2008 21:17:18 -0400
On 23 Jul 2008, at 18:30, Joe Greco wrote:
> So, I have to assume that I'm missing some unusual aspect to this attack. I guess I'm getting older, and that's not too shocking. Anybody see it?
Perhaps what you're missing can be found in the punchline to the transient post on the Matasano Security blog ("Mallory can conduct this attack in less than 10 seconds on fast Internet link").
Being able to divert users of a particular resolver (who thought they were going to paypal, or their bank, or a government web page to file their taxes, or, or, etc) to the place of your choosing with less than a minute's effort seems like cause for concern to me.
Luckily we have the SSL/CA architecture in place to protect any web page served over SSL. It's a good job users are not conditioned to click "OK" when told "the certificate for this site is invalid".
Joe