DNS Cache Poisoning

Presentation Transcript

  1. DNS Cache Poisoning

  2. Agenda • What is the DNS? • Poisoning the cache • Short term solution • Long term solution

  3. Domain Name System: a hierarchical naming system built on a distributed database for computers, services, or any resource connected to the Internet or a private network

  4. Terminology • Zone • Nameserver • Authoritative Nameserver • Resolver • Recursive Nameserver • Resource Record • Delegation

  5. A simple DNS query: Nothing prevents any nameserver from hosting any zone, including those it doesn't really own. It has no effect because no higher-level nameserver ever delegates to it.

  6. What's in a DNS packet?

  7. The packet in step 7

  8. What's in the cache? The Time-To-Live

  9. Poisoning the cache • Step 1: Guessing the Query ID and Port Number • Step 2: Flooding the target nameserver

  10. Guessing the Query ID

  11. Flooding the target nameserver: Version 1

  12. Flooding the target nameserver: Version 2

  13. Short term solution • Maximise the amount of randomness: randomize the Port Number and Query ID • Even patched servers may still be vulnerable if an intervening firewall performs Port Address Translation in a way that un-randomizes the source ports • Disable open recursive name servers • If you must run a recursive name server, limit access to only those computers that need it (e.g. your customers)

  14. Long term solution: DNSSEC is the current answer to this problem

  15. Any questions?
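
The caveat on slide 13 about Port Address Translation can be checked from the defender's side by recording the source ports of a resolver's outbound queries where they leave the network, after any firewall. The following is an added example, not part of the original presentation; the function name, the thresholds and the sample port lists are assumptions constructed for illustration.

```python
import math
import statistics

QUERY_ID_BITS = 16  # the DNS query ID field is 16 bits wide


def assess_source_ports(ports, step_limit=16, narrow_span=2048):
    """Classify the source ports of consecutive outbound resolver queries,
    as observed on the far side of any firewall/PAT device.

    Returns (verdict, approx_bits): approx_bits is a rough estimate of how
    many bits (query ID + port) stand between the cache and a spoofed reply.
    step_limit and narrow_span are illustrative thresholds, not a standard.
    """
    if len(ports) < 10:
        raise ValueError("need at least 10 consecutive samples")
    # Step between consecutive ports, modulo the 16-bit port space.
    deltas = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    small = sum(1 for d in deltas if d <= step_limit) / len(deltas)
    span = max(ports) - min(ports) + 1

    if len(set(ports)) == 1:
        verdict, candidates = "static", 1
    elif small >= 0.8:
        # Mostly tiny increments: the port adds almost no unpredictability.
        verdict = "sequential"
        candidates = max(1, int(statistics.median(deltas)))
    elif span < narrow_span:
        verdict, candidates = "narrow-range", span
    else:
        verdict, candidates = "randomized", span
    return verdict, QUERY_ID_BITS + math.log2(candidates)


# Constructed samples (not captured traffic).
STATIC = [53] * 20                          # unpatched: one fixed port
BEHIND_PAT = [40000 + i for i in range(20)]  # PAT rewriting ports in order
RANDOMIZED = [50123, 1831, 33007, 61002, 12044, 44871, 2950, 58310, 27119,
              39966, 8420, 64001, 19777, 47205, 5333, 30650, 55512, 14098,
              41234, 23876]

if __name__ == "__main__":
    for name, sample in [("static", STATIC), ("behind PAT", BEHIND_PAT),
                         ("randomized", RANDOMIZED)]:
        verdict, bits = assess_source_ports(sample)
        print(f"{name:11s} {verdict:12s} ~{bits:.1f} bits")
```

A resolver that randomizes its ports but is rated "sequential" or "static" when sampled outside the firewall points to the translation device as the place to fix.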