Exploit for DNS Cache Poisoning - RELEASED

• Previous message (by thread): Exploit for DNS Cache Poisoning - RELEASED
• Next message (by thread): Exploit for DNS Cache Poisoning - RELEASED
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On Jul 23, 2008, at 3:51 PM, Robert D. Scott wrote:
> Actually you are not missing anything. It is a brute force attack.

I haven't looked at the exploit code, but the vulnerability Kaminsky  
found is a bit more than a brute force attack. As has been pointed out  
in various venues, it takes advantage of a couple of flaws in the DNS  
architecture. No, not simply the fact that the QID space is only 16  
bits.  That's part of it, but there is more. Really.  I'm sure you can  
find the 'leaked' Matasano Chargen description of the attack on the  
net somewhere.

> But other than just muck things up where is the motivation for a  
> poisoning?

Man-in-the-middle attacks directed at ISPs serving end users who want  
to (say) get to their banks?

Regards,
-drc

• Previous message (by thread): Exploit for DNS Cache Poisoning - RELEASED
• Next message (by thread): Exploit for DNS Cache Poisoning - RELEASED
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]