Vulnerability Development mailing list archives
DNS exploit
From: George <georger () NLS NET>
Date: Tue, 22 Aug 2000 22:26:37 -0400
Here's an interesting DNS exploit. I'll give the full steps like I wanted to take down an ISP's name servers.

First, find an ISP willing to run secondary DNS for you. Register a domain, only list the ISP's DNS servers as authoritative for the domain but have the ISP set up to run secondary to your DNS server.

OK, now create a domain.com zone. In that zone create an A record for www.domain.com and then create a CNAME for domain.com and point it to www.domain.com. Let it replicate out to the ISP's servers, then do a bunch of queries for domain.com from their servers. Takes a little time but it basically creates a really nasty loop (not sure if it happens with all DNS servers).

For an ISP who is willing to run secondary DNS I don't see any way to protect against this type of thing. I've not investigated if it could be used against cache in an unrelated DNS server but I suppose it's possible.

Geo.
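The zone described in the post puts a CNAME at the zone apex, a name that always also owns the zone's SOA and NS records; RFC 1034 section 3.6.2 says a name that owns a CNAME should carry no other data. The following is an added example, not part of the original post, of a check a secondary operator could run on transferred zone data before serving it. The one-record-per-line input form, the sample zone contents and the function names are assumptions.

```python
from collections import defaultdict

# Constructed sample: the post's zone, one record per line (owner TTL class type rdata).
SAMPLE_ZONE = """\
domain.com. 3600 IN SOA ns1.isp.example. hostmaster.domain.com. 1 3600 600 86400 3600
domain.com. 3600 IN NS ns1.isp.example.
domain.com. 3600 IN CNAME www.domain.com.
www.domain.com. 3600 IN A 192.0.2.10
"""

def fqdn(name):
    return name.lower().rstrip(".") + "."

def parse_records(text):
    """Yield (owner, type, rdata); assumes absolute owner names on every line."""
    for line in text.splitlines():
        line = line.split(";", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        fields = line.split(None, 4)
        owner, _ttl, _cls, rrtype, rdata = fields  # ValueError if malformed
        yield fqdn(owner), rrtype.upper(), rdata

def cname_findings(text):
    """Return (owner, reason) for CNAME record sets that violate RFC 1034."""
    by_owner = defaultdict(list)
    for owner, rrtype, rdata in parse_records(text):
        by_owner[owner].append((rrtype, rdata))
    findings, alias = [], {}
    for owner, rrs in sorted(by_owner.items()):
        cnames = [r for t, r in rrs if t == "CNAME"]
        # RRSIG and NSEC may legitimately share a name with a CNAME (DNSSEC).
        others = sorted({t for t, _ in rrs if t not in ("CNAME", "RRSIG", "NSEC")})
        if cnames and others:
            findings.append((owner, "CNAME alongside " + ",".join(others)))
        if len(cnames) > 1:
            findings.append((owner, "multiple CNAME records"))
        if cnames:
            alias[owner] = fqdn(cnames[0])
    for start in sorted(alias):                 # follow in-zone alias chains
        seen, cur = {start}, alias[start]
        while cur in alias and cur not in seen:
            seen.add(cur)
            cur = alias[cur]
        if cur in seen:
            findings.append((start, "CNAME chain loops back to " + cur))
    return findings

print(cname_findings(SAMPLE_ZONE))
```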