BLAG

BLAG Forums
It is currently Sat Dec 20, 2014 7:26 am

All times are UTC




Post new topic Reply to topic  [ 8 posts ] 
Author Message
 Post subject: DNS Bug
PostPosted: Wed Jul 09, 2008 6:50 am 
Offline
Site Admin

Joined: Sun Mar 14, 2004 3:17 pm
Posts: 4492
Location: Loveland, Colorado, USA
http://media.blackhat.com/webinars/blac ... erence.mp3

Seems to be something like this:

paul vixie in 1995 wrote:
With only 16 bits worth of query ID and 16 bits worth of UDP port number, it's hard not to be predictable. A determined attacker can try all the numbers in a very short time and can use patterns derived from examination of the freely available BIND source code. Even if we had a white noise generator to help randomize our numbers, it's just too easy to try them all.


djb 2001 wrote:
> Randomising the port number for each query achieves precisely nothing.

Wrong. Randomizing the port number makes a huge difference in the cost
of a forgery for blind attackers---i.e., most attackers on the Internet.
Here's the picture:

Code:
                     normal         colliding      sniffing
                     blind attack   blind attack   attack
                     ------------   ------------   --------
   nothing           1              1              1
   ID (BIND)         65536          256            1
   ID+port (djbdns)  4227727360     65020          1


It's funny that the BIND company has gone to so much effort to move from the first line to the second, but now pooh-poohs the third line.


Top
 Profile  
 
 Post subject:
PostPosted: Wed Jul 09, 2008 9:34 pm 
Offline
Site Admin

Joined: Wed Mar 17, 2004 6:17 pm
Posts: 1340
Location: London, UK
http://www.doxpara.com/
FWIW.
Look on the right hand side of the page for the "dns checker". Ran the test on a 70k laptop with no firewall - safe(?).

_________________
BLAG 'em up!


Top
 Profile  
 
 Post subject:
PostPosted: Wed Jul 09, 2008 10:23 pm 
Offline
Site Admin

Joined: Sun Mar 14, 2004 3:17 pm
Posts: 4492
Location: Loveland, Colorado, USA
john maclean wrote:
http://www.doxpara.com/
FWIW.
Look on the right hand side of the page for the "dns checker". Ran the test on a 70k laptop with no firewall - safe(?).


It is checking your *ISP*, not your BLAG box.


Top
 Profile  
 
 Post subject:
PostPosted: Wed Jul 09, 2008 10:46 pm 
Offline
Site Admin

Joined: Wed Mar 17, 2004 6:17 pm
Posts: 1340
Location: London, UK
right. Yeah I knew that /* lies */

_________________
BLAG 'em up!


Top
 Profile  
 
 Post subject:
PostPosted: Wed Jul 23, 2008 12:19 am 
Offline
Site Admin

Joined: Sun Mar 14, 2004 3:17 pm
Posts: 4492
Location: Loveland, Colorado, USA
Details of DNS Flaw Leaked; Exploit Expected by End of Today

http://blog.wired.com/27bstroke6/2008/0 ... f-dns.html


Top
 Profile  
 
 Post subject:
PostPosted: Thu Aug 07, 2008 12:40 am 
Offline
Site Admin

Joined: Sun Mar 14, 2004 3:17 pm
Posts: 4492
Location: Loveland, Colorado, USA
Test the DNS resolver you are using (as listed in /etc/resolv.conf):

Code:
dig +short porttest.dns-oarc.net TXT


Top
 Profile  
 
 Post subject:
PostPosted: Thu Aug 07, 2008 7:10 am 
Offline
Site Admin

Joined: Sun Mar 14, 2004 3:17 pm
Posts: 4492
Location: Loveland, Colorado, USA
Starts hitting mainstream press...
http://voices.washingtonpost.com/securi ... v=rss_blog


Top
 Profile  
 
 Post subject:
PostPosted: Fri Aug 08, 2008 9:53 pm 
Offline
Site Admin

Joined: Sun Mar 14, 2004 3:17 pm
Posts: 4492
Location: Loveland, Colorado, USA
An Illustrated Guide to the Kaminsky DNS Vulnerability

http://www.unixwiz.net/techtips/iguide- ... -vuln.html


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 8 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group