[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] Major DNS Vulnerabilities

From: "Joe White" <joe@xxxxxxxxxxxxxxxxxx>
Subject: Re: [WEB SECURITY] Major DNS Vulnerabilities
Date: Thu, 10 Jul 2008 10:46:19 -0700

Just in case you missed it, in a recent post to his blog
(http://www.doxpara.com/), Dan Kaminski says that if you are able to
figure out what he is planning to announce at DefCon (and communicate
it to him privately before the event) then you can come on stage with
him at DefCon.  =)


<<<>>>

On Wed, Jul 9, 2008 at 12:53 PM, Amit Klein <aksecurity@xxxxxxxxx> wrote:
> Johannes B. Ullrich, Ph.D. wrote:
>>
>> I have no real insider information, but even without that, the problem is
>> kind of obvious. You got a single source port, and a small number of query
>> IDs, making it reasonable easy to spoof a response. Add a decent tool to
>> attack this problem (maybe that's the part that is going to be released at
>> Blackhat?), a bunch of motivated users for such a tool (Phishing/Pharming?)
>> and you got a big problem.
>>
>> The overall issue has been discussed for a while (for example see this
>> paper http://www.sans.org/reading_room/whitepapers/dns/1567.php).
>
> But this research was conducted for Windows XP SP1. In SP2, Microsoft fixed
> that. And then I found that there's still a flaw
> (http://www.trusteer.com/files/Microsoft_Windows_resolver_DNS_cache_poisoning.pdf),
> and Microsoft fixed that in April this year. So this can't be the reason for
> Tuesday's fix...
>
>
> ----------------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
>
> Subscribe via RSS: http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
> Join WASC on LinkedIn
> http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
>

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA

References:
- Re: [WEB SECURITY] Major DNS Vulnerabilities
  - From: Johannes B. Ullrich, Ph.D.
- Re: [WEB SECURITY] Major DNS Vulnerabilities
  - From: Amit Klein

Prev by Date: Re: [WEB SECURITY] Major DNS Vulnerabilities
Next by Date: [WEB SECURITY] Ways To Identify Returning Web Visitors
Previous by thread: Re: [WEB SECURITY] Major DNS Vulnerabilities
Next by thread: [WEB SECURITY] Ways To Identify Returning Web Visitors
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site