[dns-operations] Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS
ler762 at gmail.com
Tue Aug 17 17:17:02 UTC 2021
On 8/17/21, Paul Wouters wrote:
> On Fri, 13 Aug 2021, Tony Finch wrote:
>> Subject: [dns-operations] Injection Attacks Reloaded: Tunnelling
>> Payloads over DNS
>> David Malone pointed out to me on Twitter a paper from this year's USENIX
>> security symposium. It has an impressive collection of attacks on
>> applications that use the DNS.
> Sadly, it did not test systemd-resolved or dnsmasq.
If you have a system that uses systemd-resolved or dnsmasq you can test them at
For whatever it's worth, I get 'Your resolver is not vulnerable ...'
for each test if I have
check-names response fail;
in my bind named.conf
But every single 'Special character filtering' test comes back 'was
not filtered by your resolver' if I remove check-names :(
More information about the dns-operations