[dns-operations] Spoofing DNS with fragments

A. Schulze sca at andreasschulze.de
Mon Sep 17 21:41:52 UTC 2018



Am 15.09.18 um 23:59 schrieb Mark Andrews:
> Dnswkk is just a test using the suggested well known tsig key. 
> 
> Name “.”
> Algorithm: hmac-sha256
> Key: 256 zero bits (32 zero bytes) 
> 
> Hmac-sha256 was chosen because it  is almost certainly already by the name server already or the libraries it is using and avoids having to argue about using hoax-md5 or hmac-sha1 even though both of those would be fine and pose no risk at all.
> 
> Yes you can get a “ok” if you were to configure a server with this key and have your clock correct. Use the master branch. 
> 
> CC’d dns-operations to save you asking there. The test only knows one key though the code could be made more general. 
> 
> Even if the TSIG well known key doesn’t get through this still is testing TSIG implementations and finding lots of bugs both in the TSIG code, TSIG specification, and other other areas implementation and specification. 
> 
> STD under specifies how to generate a FORMERR. You don’t just echo the request back with the rcode set to FORMERR. Why anyone one would think it is sane to send bits you don’t understand in a reply I don’t know when you can just send a DNS header. 
> 
> The same goes for echoing back a unknown EDNS option by Microsoft’s servers.  We fixed the RFC then they shipped code that does that or that’s how it appears. 
> 

I now setup the authoritative servers (NSD version 4.1.24) handling my domain andreasschulze.de. to use that "well known key" (wkk).
Please, could somebody verify my setup?

Thanks.
Andreas



More information about the dns-operations mailing list