My life, my experience...
   Enjoying the feeling of being free and unrestrained
fvalinux | 25 September, 2008 7:03

http://www.unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
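This inherent flaw in the DNS protocol that was disclosed this year seems quite serious.
Having just finished reading about it, though, the technique feels very similar to

idle scan
http://en.wikipedia.org/wiki/Idle_scan
http://nmap.org/book/idlescan.html

and ARP spoofing...
though of course this DNS spoofing is much harder to pull off @@
After reading it, put simply:
while the DNS server is sending requests to the root servers and gTLD servers,
you feed it fake DNS replies, so that the DNS server
accepts a fake reply and stores it in its own cache.
The fake data has to reach the DNS server fast enough, though; otherwise, once the DNS server has received the correct DNS reply,
the fake data you send will be dropped...
You also have to guess the source port and query ID that the DNS server uses when it queries the other servers.
By today's network standards... once DNS is compromised, pretty much everything gets carried off... XD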
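
The reply-matching rule described above, seen from the resolver's side, as an added example that is not part of the original post: a reply is cached only if its source address, destination port, query ID and question all match the outstanding query, everything else is dropped, and a burst of drops for one query is flagged. The class names, the alert threshold and the sample packets are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Pending:          # one outstanding upstream query sent by the resolver
    server: str         # address of the server that was asked
    sport: int          # UDP source port the resolver sent from
    txid: int           # 16-bit DNS query ID
    qname: str          # name that was asked

@dataclass(frozen=True)
class Reply:            # one inbound UDP packet claiming to answer a query
    src: str
    dport: int
    txid: int
    qname: str

ALERT_AFTER = 20        # assumed threshold: dropped replies per pending query

def matches(p: Pending, r: Reply) -> bool:
    """A reply may be cached only if every field matches the pending query."""
    return (r.src == p.server and r.dport == p.sport
            and r.txid == p.txid and r.qname.lower() == p.qname.lower())

def process(p: Pending, replies: list) -> tuple:
    """Return (accepted reply or None, dropped count, alert flag)."""
    accepted, dropped = None, 0
    for r in replies:
        if accepted is None and matches(p, r):
            accepted = r            # first full match wins and closes the query
        else:
            dropped += 1            # wrong ID/port, or arrived after the answer
    return accepted, dropped, dropped >= ALERT_AFTER

def guess_space(port_pool: int) -> int:
    """Combinations a blind sender must cover: 2^16 query IDs x source ports."""
    return 65536 * port_pool

# Constructed sample: 30 replies with wrong query IDs, the genuine reply, a late duplicate.
PENDING = Pending("192.0.2.53", 33001, 0x1A2B, "www.example.com")
CAPTURE = ([Reply("192.0.2.53", 33001, t, "www.example.com") for t in range(100, 130)]
           + [Reply("192.0.2.53", 33001, 0x1A2B, "WWW.example.com")]
           + [Reply("192.0.2.53", 33001, 0x1A2B, "www.example.com")])

if __name__ == "__main__":
    accepted, dropped, alert = process(PENDING, CAPTURE)
    print(accepted, dropped, alert)
    print(guess_space(1), guess_space(64000))  # fixed port vs. randomized pool
```

With a fixed source port only the 16-bit query ID has to be guessed; drawing the port from a large random pool multiplies the space, which is why source port randomization was the deployed mitigation.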

