1 / 15

DNS Cache Poisoning

DNS Cache Poisoning. Agenda What is the DNS ? Poisoning the cache Short term solution Long term solution. a hierarchical naming system built on a distributed database for computers, services, or any resource connected to the Internet or a private network. Doname Name System. Zone

kaycee
Download Presentation

DNS Cache Poisoning

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. DNS Cache Poisoning

  2. Agenda • What is the DNS ? • Poisoning the cache • Short term solution • Long term solution

  3. a hierarchical naming system built on a distributed database for computers, services, or any resource connected to the Internet or a private network Doname Name System

  4. Zone • Nameserver • Authoritative Nameserver • Resolver • Recursive Nameserver • Resource Record • Delegation Terminology

  5. Nothing prevents any nameserver from hosting any zone, including those it doesn't really own. it has no effect because no higher-level nameserver ever delegates to it A simple DNS query

  6. What's in a DNS packet?

  7. The packet in the step 7

  8. The Time-To-Live What's in the cache?

  9. Step 1: • Guessing the Query ID and Port Number • Step 2: • Flooding the target nameserver Poisoning the cache

  10. Guessing the Query ID

  11. Version 1 Flooding the target nameserver

  12. Version 2 Flooding the target nameserver

  13. Maximise the amount of randomness • randomizing the Port Number and Query ID • Even patched servers may still be vulnerable if an intervening firewall performs Port Address Translation in a way that un-randomizes the source ports • Disable open recusive name servers • If you must run a recursive name server, limit access to only those computers that need it. (e.g. your customers) Short term solution

  14. DNSSEC is the current answer to this problem Long term solution

  15. Any questions?

More Related