[dns-operations] DNS Attack over UDP fragmentation
Keith Mitchell
keith at dns-oarc.net
Mon Sep  9 15:27:21 UTC 2013

On 09/09/2013 06:07 AM, Haya Shulman wrote:
> For instance, DNS-OARC does not detect port prediction attacks, and 
> reports clients as secure, while they are vulnerable to attacks.

OARC does many things; I assume here you are referring to our port
entropy tester:

	https://www.dns-oarc.net/oarc/services/porttest

> I contacted the maintainers of DNS-OARC and notified them of this 
> vulnerability last year, and proposed a simple fix to the problem...
> but the system was not updated and still reports vulnerable systems
> as secure, so relying on its feedback may be risky.

I didn't see that communication, so I can only assume it pre-dated my
current OARC tenure. Thanks for the heads-up and apologies it did not
get responded to. If you could please re-send me what you sent off-list,
we'll see about getting your proposed fix incorporated into the tool
and/or an appropriate caveat meantime.

Keith
    
    