Thursday, March 17, 2005

DNS Cache Poisoning (Technical Article)

SecurityFocus has published an indepth article on the subject of 'DNS Cache Poisoning'. If you want more information and history on this subject, its a pretty good read. This article is very technical, so if you don't understand DNS and TCP/IP, it might be boring.

Here is an excerpt from the article: "The old problem of DNS cache poisoning has again reared its ugly head. While some would argue that the domain name system protocol is inherently vulnerable to this style of attack due to the weakness of 16-bit transaction IDs, we cannot ignore the immediate threat while waiting for something better to come along. There are new attacks, which make DNS cache poisoning trivial to execute against a large number of nameservers running today. The purpose of this article is to shed light on these new attacks and recommend ways to defend against them."

No comments: