* Agenda What is the DNS ? Poisoning the cache Short term solution Long term solution.

* DNS Cache Poisoning


Page 1:

*DNS Cache Poisoning

Page 2:

*Agenda

What is the DNS ?

Poisoning the cache

Short term solution

Long term solution

Page 3:

* a hierarchical naming system built on a distributed database for computers, services, or any resource connected to the Internet or a private network

*Domain Name System

Page 4:

*Zone

*Nameserver

*Authoritative Nameserver

*Resolver

*Recursive Nameserver

*Resource Record

*Delegation

*Terminology

Page 5:

* Nothing prevents any nameserver from hosting any zone, including those it doesn't really own. Doing so has no effect, because no higher-level nameserver ever delegates to it.

A simple DNS query

Page 6:

What's in a DNS packet?

Page 7:

The packet in step 7

Page 8:

The Time-To-Live

What's in the cache?

Page 9:

*Poisoning the cache

*Step 1:

*Guessing the Query ID and Port Number

*Step 2:

*Flooding the target nameserver

Page 10:

*Guessing the Query ID

Page 11:

* Flooding the target nameserver

*Version 1

Page 12:

* Flooding the target nameserver

*Version 2

Page 13:

*Short term solution

*Maximise the amount of randomness

Randomize the Port Number and Query ID.

Even patched servers may still be vulnerable if an intervening firewall performs Port Address Translation in a way that un-randomizes the source ports.

*Disable open recursive name servers

If you must run a recursive name server, limit access to only those computers that need it (e.g. your customers).
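
A check for the Port Address Translation caveat above, as an added example that is not part of the original slides: it rates the UDP source ports of a resolver's outbound queries as seen beyond the firewall. The function name, thresholds and sample port lists are assumptions constructed for illustration.

```python
import statistics

def assess_source_ports(ports):
    """Rate the UDP source ports seen on one resolver's outbound queries.

    `ports` is in capture order, as observed on the far side of any
    firewall or NAT device, since that is the value an off-path party
    would have to guess alongside the query ID.
    """
    if len(ports) < 5:
        raise ValueError("need at least 5 observed queries")
    distinct = len(set(ports))
    deltas = [b - a for a, b in zip(ports, ports[1:])]
    # Share of consecutive queries whose port moved up by a small step:
    # the signature of a translator handing out ports sequentially.
    sequential = sum(1 for d in deltas if 0 < d <= 16) / len(deltas)
    spread = statistics.pstdev(ports)
    # Thresholds below are illustrative assumptions, not a standard.
    if distinct == 1:
        verdict = "FIXED"          # only the 16-bit query ID is left to guess
    elif sequential >= 0.8 or spread < 300:
        verdict = "PREDICTABLE"    # randomization lost somewhere on the path
    else:
        verdict = "RANDOMIZED"
    return {"distinct": distinct, "spread": round(spread, 1),
            "sequential": round(sequential, 2), "verdict": verdict}

# Constructed sample captures (not real traffic).
SAMPLES = {
    "unpatched resolver": [32768] * 8,
    "patched, behind sequential PAT": [40000, 40001, 40002, 40003,
                                       40004, 40005, 40006, 40007],
    "patched, ports preserved": [51234, 1893, 33021, 60511,
                                 12007, 45990, 27316, 8842],
}

if __name__ == "__main__":
    for name, ports in SAMPLES.items():
        print(f"{name}: {assess_source_ports(ports)}")
```

Feed it ports captured outside the translating device; a capture taken on the resolver itself shows the ports before translation and will not reveal the problem.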

Page 14:

*Long term solution

DNSSEC is the current answer to this problem

Page 15:

Any questions?