Bugtraq mailing list archives
Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing
From: Makoto Shiotsuki <shio () st rim or jp>
Date: Wed, 18 Apr 2007 14:26:41 +0900
The attack described just now, is that this vulnerability combined with the traditional "birthday" attack scenario allows another form of attack. The birthday attacks in general are still possible on any DNS server which doesn't randomize source ports, but may be more difficult to conduct than this new attack. (I'm not sure, I haven't run the numbers.)
Thank you for the clarification, Tim. That is exactly what I wanted to say. :) By the way, as regards recent Bind 9, birthday attack is much more difficult to conduct because even if the attacker sends multiple simultaneous recursive queries, Bind 9 aggregates these queries. In addition, there is a patch written by Jinmei-san for Bind 9.4.0 (current release) to randomize source ports. http://www.jinmei.org/bind-9.4.0-portpool.patch http://member.wide.ad.jp/tr/wide-tr-dns-bind9-portpool-01.txt (technical report from WIDE project in Japanese) Makoto Shiotsuki
Current thread:
- Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 16)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 17)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 18)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 18)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 18)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 18)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Tim (Apr 17)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Makoto Shiotsuki (Apr 17)
- RE: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 17)
- Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing 3APA3A (Apr 17)
- RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Roger A. Grimes (Apr 18)
- RE: Re[2]: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Oliver Friedrichs (Apr 19)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Bojan Zdrnja (Apr 18)
- Re: Windows DNS Cache Poisoning by Forwarder DNS Spoofing Matthew Dixon Cowles (Apr 18)