Possible fix for Kaminsky's bug
JINMEI Tatuya / 神明達哉
Jinmei_Tatuya at isc.org
Wed Aug 27 05:45:27 UTC 2008
At Wed, 27 Aug 2008 00:13:03 -0400,
"L. Gabriel Somlo" <gsomlo at gmail.com> wrote:
> I believe the attached patch fixes Dan Kaminsky's bug, and puts us
> back to where an attacker would have to wait for the TTL to expire
> before being able to poison the cache.
>
> Anyone see any reason why we shouldn't do this?
I'm pretty sure that this patch doesn't avoid all variations of
Kaminsky's attack, but could you be more specific about the intended
attack scenario you have in your mind, by clarifying:
- assumption: the cache contents before the attack with the 'trust'
  level
- attack packet: a sequence of queries that triggers the attack and
  forged responses
- resulting cache contents when the attack succeeds
---
JINMEI, Tatuya
Internet Systems Consortium, Inc.