The DNS fiasco

by Rudd-O published 2008/07/21 23:49:45 GMT+0, last modified 2013-06-26T03:24:25+00:00

The ZDNET guys are discussing the DNS fiasco, but they forgot one little detail which makes the vulnerability ever so much more potent than it looks:

Halvar just posted a very good hypothesis, but one that does not include the fact that a forged request can also include a glue record that updates the cache on the attacked server, with a very long TTL. What this gibberish means is that you can attack a DNS server in ten seconds and gain control of all queries sent to it for every subdomain of any second-level domain like google.com. You "hijack" xkdjlsfjls.google.com and you have in effect hijacked the entirety of google.com for every user of the target DNS.
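To make the glue-record point concrete, here is a toy model of a caching resolver, added as an example for this post (it is not code from the post, from ZDNET, Halvar or Matasano). It models only the caching semantics: a response to a lookup of a throwaway name under a zone can carry an NS record for the whole zone plus an A record for that nameserver in the additional section, and once those are cached with a long TTL they steer every later lookup under the zone. It also shows the two checks a resolver applies on the defensive side, the bailiwick rule (ignore records the queried server is not responsible for) and the RFC 2181 credibility ranking (glue must not displace higher-ranked data already in the cache). Responses are constructed Python objects rather than wire-format packets, and the nameserver name and 192.0.2.x addresses are made up.

```python
"""Toy caching-resolver model for additional-section (glue) handling.

Added example: responses below are constructed in-memory records, not real
DNS packets; ns1.google.com and the 192.0.2.x addresses are made up.
"""
from __future__ import annotations
from dataclasses import dataclass

# RFC 2181 section 5.4.1 ranks cached data by trustworthiness. A resolver must
# not let lower-ranked data (such as additional-section glue) replace data that
# arrived with a higher rank. The numbers are illustrative; only order matters.
RANK_ANSWER = 3      # records in the answer section of an authoritative reply
RANK_AUTHORITY = 2   # NS records in the authority section
RANK_ADDITIONAL = 1  # glue in the additional section


@dataclass(frozen=True)
class RR:
    name: str
    rtype: str
    rdata: str
    ttl: int


@dataclass
class CacheEntry:
    rr: RR
    rank: int
    expires_at: int


def in_bailiwick(record_name: str, zone: str) -> bool:
    """True if record_name is zone itself or a descendant of it."""
    record_name = record_name.lower().rstrip(".")
    zone = zone.lower().rstrip(".")
    return record_name == zone or record_name.endswith("." + zone)


class ResolverCache:
    def __init__(self) -> None:
        self.entries: dict[tuple[str, str], CacheEntry] = {}

    def _store(self, rr: RR, rank: int, now: int) -> bool:
        key = (rr.name.lower(), rr.rtype)
        current = self.entries.get(key)
        if current and current.expires_at > now and current.rank > rank:
            return False  # higher-credibility data already cached: keep it
        self.entries[key] = CacheEntry(rr, rank, now + rr.ttl)
        return True

    def accept_response(self, zone: str, answer: list[RR], authority: list[RR],
                        additional: list[RR], now: int) -> list[RR]:
        """Cache a response from a server the resolver queried for `zone`.

        Returns the records that were actually cached.
        """
        accepted = []
        for section, rank in ((answer, RANK_ANSWER), (authority, RANK_AUTHORITY),
                              (additional, RANK_ADDITIONAL)):
            for rr in section:
                if not in_bailiwick(rr.name, zone):
                    continue  # bailiwick check: drop records outside the zone
                if self._store(rr, rank, now):
                    accepted.append(rr)
        return accepted

    def lookup(self, name: str, rtype: str, now: int) -> str | None:
        entry = self.entries.get((name.lower(), rtype))
        if entry and entry.expires_at > now:
            return entry.rr.rdata
        return None


def demo(now: int = 0) -> dict:
    """Walk through the scenario from the post and return what ends up cached."""
    week = 604800
    # Constructed response to a lookup of a throwaway name under google.com. It
    # carries the zone's NS plus glue for that NS, both with a week-long TTL.
    authority = [RR("google.com", "NS", "ns1.google.com", week)]
    additional = [
        RR("ns1.google.com", "A", "192.0.2.10", week),  # in bailiwick: accepted
        RR("bank.example", "A", "192.0.2.99", week),    # out of bailiwick: dropped
    ]
    cache = ResolverCache()
    accepted = cache.accept_response("google.com", [], authority, additional, now)

    # Second cache that already holds an authoritative A for the nameserver:
    # the glue is lower-ranked and must not overwrite it.
    primed = ResolverCache()
    primed.accept_response("google.com", [RR("ns1.google.com", "A", "192.0.2.1", 3600)],
                           [], [], now)
    primed.accept_response("google.com", [], authority, additional, now)

    return {
        "accepted_count": len(accepted),
        "ns_for_zone": cache.lookup("google.com", "NS", now),
        "ns_address": cache.lookup("ns1.google.com", "A", now),
        "out_of_bailiwick_cached": cache.lookup("bank.example", "A", now) is not None,
        "ns_address_after_ttl": cache.lookup("ns1.google.com", "A", now + week),
        "authoritative_kept": primed.lookup("ns1.google.com", "A", now),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The run shows why the bailiwick check alone does not help here: a query about xkdjlsfjls.google.com is answered by the google.com servers, so an NS record for google.com and glue for its nameserver are squarely in bailiwick and get cached, and from then on every google.com lookup is resolved through the cached nameserver address until the TTL runs out. The ranking rule only protects a nameserver address that is already cached from an authoritative answer; an empty or expired cache has nothing to rank the glue against.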

I'd post the Matasano article -- which has a very good explanation -- but I'd rather not worry about copyright infringement lawsuits.