[dns-operations] Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS
wbrown at e1b.org
Wed Sep 1 13:13:01 UTC 2021
I'm late to this thread, but ...
IMHO authors of the paper highlight a valid point:
There is no _explicit_ guidance for consumers of DNS data which explains that results of DNS resolution process must be treated very carefully.
It is clear to this group of DNS experts, but I think we should lend a helping hand to DNS consumers and at least explain why consumers have to check everything.
Is anyone interesting in writing a short RFC on this topic?
I think this could be summed up as "Validate any input provided by sources you don't trust" with a subsection "don't automatically trust DNS data".
Confidentiality Notice: This electronic message and any attachments may contain confidential or privileged information, and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agent responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachments. Please notify the sender immediately by return e-mail or telephone and delete this message from your system.
More information about the dns-operations