Dailydave mailing list archives
Re: DNS Speculation
From: "Tyler Krpata" <krpatasec () gmail com>
Date: Wed, 23 Jul 2008 11:08:58 -0400
On Tue, Jul 22, 2008 at 9:15 PM, Petja van der Lek <lek () xs4all nl> wrote:
If it does, then this would obviously be an Extremely Bad thing, since an attacker could just poison a resolver anytime, anyplace, anywhere. If it doesn't overwrite the cached entry, I presume we'd have to scratch the "anytime" from that list, and the attacker would have to wait until the entry expires. Assuming that domain names worth spoofing would be the more heavily trafficked ones -- and therefore likely to be present in a resolver's cache already -- this would leave a rather small window of opportunity every 24 hours or so (or whatever the TTL of the to-be spoofed entry is set at).
More to the point, if my math is right (and it may not be), if the spoofed glue record DOES overwrite the entry in cache, then source port randomization doesn't actually fix the problem. It just changes the time scale for success from seconds to potentially days. I haven't found a definitive answer on this yet either. Hopefully I will get some time to test it soon. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: DNS Speculation, (continued)
- Re: DNS Speculation Petja van der Lek (Jul 21)
- Re: DNS Speculation natron (Jul 22)
- Re: DNS Speculation Parity (Jul 22)
- Re: DNS Speculation Tetrapodal Giant (Jul 22)
- Re: DNS Speculation Blue Boar (Jul 23)
- Re: DNS Speculation Petja van der Lek (Jul 21)
- Re: DNS Speculation Alexander Sotirov (Jul 22)
- Re: DNS Speculation natron (Jul 22)
- Re: DNS Speculation Dominique Brezinski (Jul 22)
- Message not available
- Re: DNS Speculation Dominique Brezinski (Jul 22)
- Re: DNS Speculation Petja van der Lek (Jul 22)
- Re: DNS Speculation Tyler Krpata (Jul 23)
- Re: DNS Speculation Alexander Sotirov (Jul 22)
- Re: DNS Speculation ninjaboy (Jul 23)
- Re: DNS Speculation Cedric Blancher (Jul 24)
- Re: DNS Speculation marc_bevand (Jul 25)
- Re: DNS Speculation Bryan Burns (Jul 25)
- Message not available
- Re: DNS Speculation marc_bevand (Jul 28)