[dns-operations] DNS Attack over UDP fragmentation
Ondřej Surý
ondrej.sury at nic.cz
Wed Sep 4 13:08:55 UTC 2013
Hi all,
for all those who haven't been on saag WG at IETF 88...
Amir Herzbert and Haya Shulman has presented a quite interesting attack on UDP fragmentation that allows Kaminsky-style attacks to be real again.
The saag presentation is here: http://www.ietf.org/proceedings/87/slides/slides-87-saag-3.pdf
The paper describing the attack is here:
http://arxiv.org/pdf/1205.4011v1.pdf
More Haya Shulman's publications can be found here:
https://sites.google.com/site/hayashulman/publications
And some papers are also available from Google Scholar:
http://scholar.google.com/scholar?hl=en&q=Amir+Herzberg%2C+Haya+Shulman+++dnssec&btnG=&as_sdt=1%2C5&as_sdtp=
We gave it some thoughts here at CZ.NIC Labs and we think that the threat is real and we are now trying to write a PoC code to prove the theoretical concept.
So what are the views of other people on this list?
Ondrej
--
Ondřej Surý -- Chief Science Officer
-------------------------------------------
CZ.NIC, z.s.p.o. -- Laboratoře CZ.NIC
Americka 23, 120 00 Praha 2, Czech Republic
mailto:ondrej.sury at nic.cz http://nic.cz/
tel:+420.222745110 fax:+420.222745112
-------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20130904/f3cf8e77/attachment.sig>
More information about the dns-operations
mailing list