Home | Contents | Latest | Previous | Next

Details of the DNS Attack

This is my blog. It used to be a mailing list called C[omp]ute. It is still generated by email. You can reply to comments via the appropriate link. Edit the mail address to remove the anti-spam measure. © 2006-2008 Andrew Cooke (site) / post authors (content).

From: "andrew cooke" <andrew@...>

Date: Tue, 22 Jul 2008 11:05:21 -0400 (CLT) 

The DNS attack that was mentioned a while back (patches were released, but
the attack wasn't explained) is described here -
http://blogs.buanzo.com.ar/2008/07/matasano-kaminsky-dns-forgery.html

It's quite simple - force lookups of DOESNOTEXIST.example.com and use
those to poison www.example.com.

Andrew

Comment on this post

 

Home | Contents | Latest | Previous | Next