lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.62.0707262338400.22355@linuxbox.org>
Date: Thu, 26 Jul 2007 23:40:55 -0500 (CDT)
From: Gadi Evron <ge@...uxbox.org>
To: Jamie Riden <jamie.riden@...il.com>
Cc: bugtraq@...urityfocus.com
Subject: Re: "BIND 9 DNS Cache Poisoning" by Amit Klein (Trusteer)

This is Paul Vixie's response on this, when I asked him for verification:

-----
this bug has been reported over and over again for a dozen years.  it's
odd to have to keep fixing it-- i fixed it in bind4 and bind8 when theo
de raadt offered me his random number generator to use.  bind9 should've
used that same one but apparently didn't.  note that with this fix, the
difficulty in poisoning someone's cache rises from "a few tens of seconds"
to "a few minutes".  it's a 16-bit field.  not a lot of room for
randomness or unpredictability.  only DNSSEC, a protocol change, fixes
this problem, which is fundamentally a protocol problem.  but since folks
just won't leave it alone and keep on reporting it year after decade, we
will keep on improving our random number generator for this dinky little
16-bit field.  i just wish the reporters wouldn't be so smarmy and self
congradulatory about it.  it's not like this hasn't been reported, and
fixed, many times by many others.
-----

 	Gadi.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ