MoinQ:

1. DNS/毒盛2014/Kaminsky手法

DNS/毒盛/Kaminsky手法

CVE-2008-1447: DNS Cache Poisoning Issue ("Kaminsky bug") https://kb.isc.org/article/AA-00924/0/CVE-2008-1447%3A-DNS-Cache-Poisoning-Issue-Kaminsky-bug.html

DNSSEC is the only definitive solution for this issue.
Understanding that immediate DNSSEC deployment is not a realistic expectation, 
ISC is releasing patched versions of BIND that improve its resilience against this attack.
The method used makes it harder to spoof answers to a resolver
by expanding the range of UDP ports from which queries are sent,
thereby increasing the variability of parameters in outgoing queries.

この説明を真にうけると危ない。 -- ToshinoriMaeno 2014-03-13 04:51:13

当時のJPRSの説明: http://jprs.jp/tech/security/multiple-dns-vuln-cache-poisoning.html

../tweet 文献など

https://00f.net/2012/06/26/dnscache-poisoning-and-siphash/

BlackHat-DC-09-Kaminsky https://www.blackhat.com/presentations/bh-dc-09/Kaminsky/BlackHat-DC-09-Kaminsky-DNS-Critical-Infrastructure.pdf

2. 2008

Kaminsky (finally) provides DNS flaw details

http://addxorrol.blogspot.jp/2008_07_01_archive.html

MoinQ: DNS/毒盛再考/Kaminsky手法 (last edited 2021-05-02 00:03:35 by ToshinoriMaeno)