[HAIFUX LECTURE] DNS Cache-Poisoning: New Attacks and Defenses -- Haya Shulman
eli at billauer.co.il
Sat Jul 6 21:37:37 MSD 2013
On Monday, July 8th at 18:30, Haifux will gather to hear a talk by Haya
DNS Cache-Poisoning: New Attacks and Defenses
The Domain Name System (DNS) is key to the availability and correct
operation of the Internet. Due to its significance it is also a
lucrative target for attacks, most notably for cache poisoning. DNS
cache-poisoning enables attackers to redirect clients to malicious
hosts, allowing distribution of malware, credentials theft, phishing and
spam, web sites defacement, and more.
Cryptographic defenses were designed (DNSSEC), but are not widely
deployed; instead, multiple challenge-response defenses are used.
However, we show how attackers may be able to circumvent those defenses
and poison in spite of them; specifically:
- Circumvent source port randomisation, in the (common) case where the
resolver connects to the Internet via different NAT devices.
- Circumvent IP address randomisation supported by standard-conforming
- Circumvent query randomisation, including both randomisation by
prepending a random nonce and case randomisation (0x20 encoding).
We present countermeasures preventing our attacks; however, we advocate
that only correct adoption of cryptographic security such as DNSSEC, can
prevent the cache-poisoning attacks, and discuss the challenges and
status of DNSSEC deployment. Joint work with Amir Herzberg.
We meet in Taub building, room 6. For instructions see:
Attendance is free, and you are all invited!
22/07/13 Replicate and Bundle (RnB) -- A Mechanism for Relieving
Bottlenecks in Data Centers: Shachar Raindel
05/08/13 All I really need to know about bioinformatics, I learned in
Haifux: Boaz Goldstein
We are always interested in hearing your talks and ideas. If you wish to
give a talk, hold a discussion, or just plan some event haifux might be
interested in, please contact us at webmaster at haifux.org
More information about the Haifux-announce