A Taxonomy of Cache Poisoning Attacks?
Jesus Couto
jesus.couto at innosec.es
Thu Aug 24 15:46:59 UTC 2000
Hi,
Anyone knows a good resource that list all the kinds of
cache poisoning attacks and the security measures that need to be taken
to prevent them? (either historically, in the BIND code, or things an
administrator should do).
So far, by reading this list archives and searching the web, I
think that cache poisoning attacks are:
- Done by spoofing nameserver answers (DNS id prediction): this
cant be solved. Best thing a sysadmin can do is to limit recursive queries
to a group of "trusted" nets, or at least ones where its easy to find
people doing this and slap them.
- Done by adding an answer section to a query: this is fixed in
newer BIND versions.
- Done by sending bogus information in the additional info
section: this is something I'm not 100% clear about. It seems possible, it
also seems BIND takes some measures against it, but it seems also to be
fundamentally impossible to fix till DNSSEC is out. This is one
kind of attack I would like more info.
Its this all? I'm forgetting some way of doing or preventing it?
Thanks in advance.
Jesus Couto F.
More information about the bind-users
mailing list