The DNS fiasco

published Jul 21, 2008, last modified Jun 26, 2013

The ZDNet guys are discussing the DNS fiasco, but they forgot one little detail that makes the vulnerability far more potent than it looks:

Halvar just posted a very good hypothesis, but one that leaves out the fact that a forged packet can also carry a glue record which updates the cache on the attacked server, with a very long TTL. What this gibberish means is that you can poison a DNS server in ten seconds and gain control of all queries sent to that server for every subdomain of any second-level domain, google.com for instance. You "hijack" xkdjlsfjls.google.com and you have in effect hijacked the entirety of google.com for all users of the target DNS server.
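Why the "ten seconds" figure is plausible, and what a resolver operator can do about it, comes down to how many bits an off-path forger has to guess per spoofed reply. The model below is an added example written for this post, not code from the post or from Halvar, Matasano or any resolver project. It assumes the well-known entropy sources (a 16-bit transaction ID, optional source-port randomization, optional 0x20 query-name case randomization) and treats the attacker's forgeries per race as distinct guesses; the numbers for races per second and forgeries per race are constructed illustrative inputs, not measurements.

```python
"""Rough exposure estimate for an off-path DNS cache poisoning attack.

Added example (not from the original post). Models how the entropy a
resolver puts into each outbound query changes the expected time to
poison a cache, which is the quantity a defender cares about.
"""
import math

def spoof_entropy_bits(txid_bits=16, port_range=1, case_letters=0):
    """Bits a forger must match for one reply to be accepted.

    txid_bits:    DNS transaction ID (16 bits on the wire).
    port_range:   number of possible source ports the resolver picks from
                  (1 = fixed port, 2**16 = fully randomized; assumption,
                  real implementations exclude some ports).
    case_letters: letters in the query name whose case is randomized
                  (0x20 bit); each adds one bit if the authority echoes it.
    """
    return txid_bits + math.log2(port_range) + case_letters

def race_success_probability(entropy_bits, forgeries_per_race):
    """Chance that one race (one outstanding query) gets poisoned.

    With k distinct guesses out of a space of 2**bits, the hit
    probability is exactly k / 2**bits, capped at 1.
    """
    return min(1.0, forgeries_per_race / 2 ** entropy_bits)

def expected_races(entropy_bits, forgeries_per_race):
    """Expected number of races until the first successful poisoning.

    The point of the glue-record trick is that the attacker does not
    have to wait for a TTL to expire: every query for a fresh random
    subdomain is a brand-new race, so this count is the real budget.
    """
    return 1.0 / race_success_probability(entropy_bits, forgeries_per_race)

def expected_seconds(entropy_bits, forgeries_per_race, races_per_second):
    """Expected wall-clock time to poison, given a race rate."""
    return expected_races(entropy_bits, forgeries_per_race) / races_per_second

def compare_scenarios(forgeries_per_race=100, races_per_second=100, qname_letters=0):
    """Return {scenario: expected seconds} for three resolver configurations.

    Constructed scenarios: fixed source port, randomized source port, and
    randomized port plus 0x20 case randomization over qname_letters.
    """
    scenarios = {
        "fixed port":         spoof_entropy_bits(port_range=1),
        "random port":        spoof_entropy_bits(port_range=2 ** 16),
        "random port + 0x20": spoof_entropy_bits(port_range=2 ** 16,
                                                 case_letters=qname_letters),
    }
    return {name: expected_seconds(bits, forgeries_per_race, races_per_second)
            for name, bits in scenarios.items()}

if __name__ == "__main__":
    # Illustrative inputs: 100 forged replies per race, 100 races/second,
    # and a 10-letter query name for the 0x20 case.
    for name, secs in compare_scenarios(100, 100, qname_letters=10).items():
        print(f"{name:20s} {secs:14.1f} s  (~{secs / 86400:.2f} days)")
```

The fixed-port row lands in the single-digit-seconds range that the post describes; adding roughly 16 bits of port entropy multiplies the expected time by about 65,000, which is why the emergency patches of 2008 were all about source-port randomization rather than about the TTL or glue handling itself. The 0x20 row only counts if the upstream authority preserves query-name case, so treat that figure as an upper bound.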

I'd post the Matasano article -- which has a very good explanation -- but I'd rather not worry about copyright infringement lawsuits.