[BIND][security mechanisms]
MIGAULT Daniel
daniel.migault at francetelecom.com
Tue Jan 17 16:08:49 UTC 2006
Hi,
I am currently working on various attacks which can be launched on DNS
servers.
I am using dnsa program written by Pierre Betouin who enables to launch
cache poisoning attack and DNS ID Spoofing attack. I am testing
poisoning attack on versions BIND9.3 and 8.4, without succeeding. On the
other hand, I hardly find documentation on BIND implemented security
mechanisms.
So here are the questions I am looking for an answer :
1. Which mechanisms are implemented in BIND to tackle cache poisoning
attacks, i.e. which criteria are used to accept/reject additionnal data
field to/from cache when a DNS packet is received?
2. Which versions of BIND are vulnerable to ID spoofing and cache
poisoning?.
3. Which mechanisms are implemented to tackle ID Spoofing attack and
DoS attack.When one sends several time the same request to a DNS
server, it does not seem to systematically proceed to the resolution
of the request. Are there any specific timer? Does BIND server keep
contexts in order to know a kind of history of former requests?
Regards
Daniel
More information about the bind-users
mailing list