* Agenda What is the DNS ? Poisoning the cache Short term solution Long term solution.
*DNS Cache Poisoning
*Agenda
What is the DNS ?
Poisoning the cache
Short term solution
Long term solution
* a hierarchical naming system built on a distributed database for computers, services, or any resource connected to the Internet or a private network
*Domain Name System
*Zone
*Nameserver
*Authoritative Nameserver
*Resolver
*Recursive Nameserver
*Resource Record
*Delegation
*Terminology
* Nothing prevents any nameserver from hosting any zone, including those it doesn't really own. This has no effect because no higher-level nameserver ever delegates to it.
A simple DNS query
What's in a DNS packet?
The packet in the step 7
The Time-To-Live
What's in the cache?
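To make the packet and cache slides concrete, here is an added example (not code from the deck) that builds a constructed DNS response, parses the header (Query ID, QR/RD/RA flags, RCODE), the question and the answer record with its Time-To-Live, and loads the answer into a TTL-aware cache. The name, address 192.0.2.10 and ID 0x1A2B are constructed sample values; the cache class and its method names are this example's own.

```python
"""Build, parse and cache a DNS response; shows the fields a resolver keys on."""
import struct

def encode_name(name):
    """Encode a dotted name as DNS labels: 3www7example3com0."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_response(qid, name, ip, ttl):
    """Build a minimal A-record response (constructed sample, not a real capture).
    Header: ID, flags 0x8180 (QR=1, RD=1, RA=1, RCODE=0), QDCOUNT=1, ANCOUNT=1."""
    header = struct.pack("!HHHHHH", qid, 0x8180, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN
    rdata = bytes(int(o) for o in ip.split("."))
    # 0xC00C is a compression pointer to offset 12, i.e. the name in the question
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, len(rdata)) + rdata
    return header + question + answer

def read_name(msg, offset):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, jumped, end = [], False, offset
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:  # compression pointer
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2
            jumped = True
            offset = pointer
            continue
        if length == 0:
            if not jumped:
                end = offset + 1
            break
        labels.append(msg[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length
    return ".".join(labels), end

def parse_response(msg):
    """Return the header fields, the question section and the answer records."""
    qid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    offset = 12
    questions = []
    for _ in range(qd):
        name, offset = read_name(msg, offset)
        qtype, qclass = struct.unpack("!HH", msg[offset:offset + 4])
        offset += 4
        questions.append((name, qtype, qclass))
    answers = []
    for _ in range(an):
        name, offset = read_name(msg, offset)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rdlen == 4:  # A record: render as dotted quad
            rdata = ".".join(str(b) for b in rdata)
        answers.append({"name": name, "type": rtype, "ttl": ttl, "rdata": rdata})
    return {"id": qid, "qr": flags >> 15, "rd": (flags >> 8) & 1,
            "ra": (flags >> 7) & 1, "rcode": flags & 0xF,
            "questions": questions, "answers": answers}

class Cache:
    """Answers stay until their TTL expires; a forged answer lingers exactly as long."""
    def __init__(self):
        self.entries = {}  # (name, type) -> (rdata, expiry time)

    def insert(self, answers, now):
        for rr in answers:
            self.entries[(rr["name"], rr["type"])] = (rr["rdata"], now + rr["ttl"])

    def lookup(self, name, rtype, now):
        hit = self.entries.get((name, rtype))
        if hit is None or hit[1] <= now:
            return None
        return hit[0]

# Constructed sample response: www.example.com A 192.0.2.10, TTL 300 s
SAMPLE = build_response(0x1A2B, "www.example.com", "192.0.2.10", 300)

if __name__ == "__main__":
    parsed = parse_response(SAMPLE)
    cache = Cache()
    cache.insert(parsed["answers"], now=0)
    print(parsed["id"], parsed["answers"], cache.lookup("www.example.com", 1, 299))
```

The Query ID in the header is the only identifier a resolver has to pair an answer with its question, which is why the attack that follows concentrates on guessing it; the TTL decides how long a bad answer survives once it has entered the cache.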
*Poisoning the cache
*Step 1:
*Guessing the Query ID and Port Number
*Step 2:
*Flooding the target nameserver
*Guessing the Query ID
* Flooding the target nameserver
*Version 1
* Flooding the target nameserver
*Version 2
*Short term solution
*Maximise the amount of randomness
randomizing the Port Number and Query ID
Even patched servers may still be vulnerable if an intervening firewall performs Port Address Translation in a way that un-randomizes the source ports
*Disable open recursive name servers
If you must run a recursive name server, limit access to only those computers that need it (e.g. your customers).
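The following added example (this editor's code, not the deck's) puts the short-term mitigations into a small resolver model: it draws a fresh random source port and Query ID for every outgoing query, accepts a response only if port, ID and question all match an outstanding query, and refuses recursion for clients outside an access list. `guess_space` shows why the port matters: with only the 16-bit ID randomized a blind spoofer has 65536 combinations to cover, with the port randomized as well about 4 billion, and a firewall whose Port Address Translation rewrites the source port to a fixed value drops it back to 65536. The ephemeral port range, the class and method names and the sample addresses (192.0.2.0/24, 198.51.100.9) are assumptions made for the example.

```python
"""Resolver-side model of the short-term mitigations: random port and ID,
strict response matching, and an access list for recursion."""
import ipaddress
import secrets

ID_BITS = 16                          # the Query ID is a 16-bit header field
EPHEMERAL_PORTS = range(1024, 65536)  # assumed pool of source ports a resolver may use

def guess_space(randomize_port, pat_fixes_port=False):
    """Number of (ID, port) combinations a blind spoofer must cover to match one query.
    A PAT firewall that rewrites the source port to one fixed value undoes the port part."""
    ids = 2 ** ID_BITS
    if not randomize_port or pat_fixes_port:
        return ids
    return ids * len(EPHEMERAL_PORTS)

def spoof_success_probability(space, forged_responses):
    """Probability that at least one of N forged responses matches a single outstanding query."""
    return 1 - (1 - 1 / space) ** forged_responses

class Resolver:
    """Minimal recursive resolver front end (example class, not a real server)."""
    def __init__(self, recursion_allowed_from, randomize_port=True):
        self.acl = [ipaddress.ip_network(n) for n in recursion_allowed_from]
        self.randomize_port = randomize_port
        self.fixed_port = 53            # the weak setting: every query from the same port
        self.outstanding = {}           # (src_port, query_id) -> (qname, qtype)

    def accept_query(self, client_ip, recursion_desired):
        """An open resolver recurses for anyone; this one only for clients in the ACL."""
        if not recursion_desired:
            return True
        addr = ipaddress.ip_address(client_ip)
        return any(addr in net for net in self.acl)

    def send_query(self, qname, qtype):
        """Pick a fresh (port, ID) pair from a CSPRNG and remember the question it carries."""
        port = secrets.choice(EPHEMERAL_PORTS) if self.randomize_port else self.fixed_port
        qid = secrets.randbelow(2 ** ID_BITS)
        self.outstanding[(port, qid)] = (qname, qtype)
        return port, qid

    def accept_response(self, dst_port, qid, qname, qtype):
        """Accept only a response whose port, ID and question match an outstanding query;
        a response that matches nothing is dropped without touching the cache."""
        key = (dst_port, qid)
        if self.outstanding.get(key) != (qname, qtype):
            return False
        del self.outstanding[key]       # one answer per query; late duplicates are rejected
        return True

if __name__ == "__main__":
    for label, space in (("ID only", guess_space(False)),
                         ("ID + port", guess_space(True)),
                         ("ID + port behind PAT", guess_space(True, pat_fixes_port=True))):
        print(f"{label:22s} space={space:>11d} "
              f"P(hit | 1000 forged)={spoof_success_probability(space, 1000):.2e}")
    r = Resolver(["192.0.2.0/24"])
    port, qid = r.send_query("www.example.com", 1)
    print("recursion for 198.51.100.9:", r.accept_query("198.51.100.9", True))
    print("matching response accepted:", r.accept_response(port, qid, "www.example.com", 1))
```

Note that the check in `accept_response` only limits how often a forged answer is accepted; it does not authenticate the answer, which is what the long-term solution on the next slide addresses.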
*Long term solution
DNSSEC is the current answer to this problem.
Any questions?