nanog mailing list archives
Re: Exploit for DNS Cache Poisoning - RELEASED
From: David Conrad <drc () virtualized org>
Date: Wed, 23 Jul 2008 16:00:39 -0700
Hi, On Jul 23, 2008, at 3:51 PM, Robert D. Scott wrote:
Actually you are not missing anything. It is a brute force attack.
I haven't looked at the exploit code, but the vulnerability Kaminsky found is a bit more than a brute force attack. As has been pointed out in various venues, it takes advantage of a couple of flaws in the DNS architecture. No, not simply the fact that the QID space is only 16 bits. That's part of it, but there is more. Really. I'm sure you can find the 'leaked' Matasano Chargen description of the attack on the net somewhere.
But other than just muck things up where is the motivation for a poisoning?
Man-in-the-middle attacks directed at ISPs serving end users who want to (say) get to their banks?
Regards, -drc
Current thread:
- Re: Software router state of the art, (continued)
- Re: Software router state of the art Christopher Morrow (Jul 23)
- Re: Software router state of the art Wes Young (Jul 23)
- Message not available
- Re: Software router state of the art William Herrin (Jul 23)
- Re: Software router state of the art Kevin Oberman (Jul 23)
- Re: Software router state of the art William Herrin (Jul 23)
- Re: Software router state of the art Kevin Oberman (Jul 23)
- sizing router buffers (Re: Software router state of the art ) Mikael Abrahamsson (Jul 23)
- Exploit for DNS Cache Poisoning - RELEASED Robert D. Scott (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED Joe Greco (Jul 23)
- RE: Exploit for DNS Cache Poisoning - RELEASED Robert D. Scott (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED David Conrad (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED Mike Lewinski (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED Kevin Day (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED Joe Greco (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED William Herrin (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED Joe Greco (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Tony Finch (Jul 24)
- Re: Exploit for DNS Cache Poisoning - RELEASED Joe Abley (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED Jasper Bryant-Greene (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED Patrick W. Gilmore (Jul 23)
- Re: Exploit for DNS Cache Poisoning - RELEASED Jared Mauch (Jul 23)