[dns-operations] DNS Attack over UDP fragmentation

Stephane Bortzmeyer bortzmeyer at nic.fr
Mon Sep 9 07:12:25 UTC 2013

On Fri, Sep 06, 2013 at 09:44:34PM +0300,
 Haya Shulman <haya.shulman at gmail.com> wrote 
 a message of 232 lines which said:

> We studied the IPID randomisation on the name servers (not the resolvers).

Just a warning: it's IPID _unpredictability_ (for a blind attacker)
which is important. Randomisation can be bad because it creates the
risk of IPID duplication (see RFC 6274 but RFC 6056, while talking
about a different field, may be interesting too).

More information about the dns-operations mailing list