lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4087F2EB.3030805@sidestep.pt>
From: luis.grangeia at sidestep.pt (Luis Grangeia)
Subject: [Research Paper] DNS Cache Snooping

Hi,

I have written a research paper on a relatively ignored DNS issue known
as DNS Cache Snooping. This issue allows one, for instance, to query a
DNS cache to verify if a certain site has been accessed or if an email
was recently sent to a given domain.

Abstract and link below. Reader feedback and constructive criticism is
welcome and appreciated.

Available at

http://community.sidestep.pt/~luis/DNS-Cache-Snooping/


ABSTRACT

This research paper presents a technical overview of the technique known
as DNS cache snooping. Firstly, a brief introduction to DNS is made
followed by a discussion on common misconceptions regarding DNS
sub-systems. Then this relatively unknown technique is introduced,
followed by a field study to assert the overall exposure of the Internet
to this threat. Also, a set of devised abuse scenarios that rely on
cache snooping is presented. This paper concludes with recommendations
on how to reduce exposure to this problem, including proposed changes to
the BIND DNS server implementation.


Regards,

-- 
Luis Grangeia, GSNA
http://community.sidestep.pt/~luis/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ