[Haifux] [HAIFUX LECTURE] DNS Cache-Poisoning: New Attacks and Defenses -- Haya Shulman

Eli Billauer eli at billauer.co.il
Sat Jul 6 21:37:37 MSD 2013 

On Monday, July 8th at 18:30, Haifux will gather to hear a talk by Haya 
Shulman:

    DNS Cache-Poisoning: New Attacks and Defenses

Abstract

The Domain Name System (DNS) is key to the availability and correct 
operation of the Internet. Due to its significance it is also a 
lucrative target for attacks, most notably for cache poisoning. DNS 
cache-poisoning enables attackers to redirect clients to malicious 
hosts, allowing distribution of malware, credentials theft, phishing and 
spam, web sites defacement, and more.

Cryptographic defenses were designed (DNSSEC), but are not widely 
deployed; instead, multiple challenge-response defenses are used. 
However, we show how attackers may be able to circumvent those defenses 
and poison in spite of them; specifically:
  - Circumvent source port randomisation, in the (common) case where the 
resolver connects to the Internet via different NAT devices.
  - Circumvent IP address randomisation supported by standard-conforming 
resolvers.
  - Circumvent query randomisation, including both randomisation by 
prepending a random nonce and case randomisation (0x20 encoding).

We present countermeasures preventing our attacks; however, we advocate 
that only correct adoption of cryptographic security such as DNSSEC, can 
prevent the cache-poisoning attacks, and discuss the challenges and 
status of DNSSEC deployment. Joint work with Amir Herzberg.

=================================================================

We meet in Taub building, room 6. For instructions see:
http://www.haifux.org/where.html

Attendance is free, and you are all invited!

==================================================================
Future lectures:

22/07/13 Replicate and Bundle (RnB) -- A Mechanism for Relieving
          Bottlenecks in Data Centers: Shachar Raindel
05/08/13 All I really need to know about bioinformatics, I learned in
          Haifux: Boaz Goldstein


==================================================================

We are always interested in hearing your talks and ideas. If you wish to 
give a talk, hold a discussion, or just plan some event haifux might be 
interested in, please contact us at webmaster at haifux.org

-- 
Web: http://www.billauer.co.il

More information about the Haifux mailing list