This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/dns-wg@ripe.net/
[dns-wg] New on RIPE Labs: NXNSAttack: Upgrade Resolvers to Stop New Kind of Random Subdomain Attack
- Previous message (by thread): [dns-wg] New on RIPE Labs: NXNSAttack: Upgrade Resolvers to Stop New Kind of Random Subdomain Attack
- Next message (by thread): [dns-wg] New on RIPE Labs: NXNSAttack: Upgrade Resolvers to Stop New Kind of Random Subdomain Attack
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Geoff Huston
gih at apnic.net
Wed May 20 21:49:43 CEST 2020
This is not a “newly discovered vulnerability. This was presented at DNS OARC 21 by Florian Maury in 2015 https://indico.dns-oarc.net/event/21/contributions/301/attachments/272/492/slides.pdf, and also details the fixes applied to resolvers at the time. As Florian also points out the generic vulnerability of unbounded work flows was identified by Dr Paul Mockapetris in RFC1034 in 1987. thanks, Geoff > On 21 May 2020, at 12:43 am, Mirjam Kuehne <mir at ripe.net> wrote: > > Dear colleagues, > > This article by Petr Špaček of CZ.NIC describes a newly discovered DNS > protocol vulnerability that affects all recursive DNS resolvers. > NXNSAttack allows the execution of random subdomain attacks using the > DNS delegation mechanism, resulting in a big packet amplification factor. > > Please read more about this on RIPE Labs: > > https://labs.ripe.net/Members/petr_spacek/nxnsattack-upgrade-resolvers-to-stop-new-kind-of-random-subdomain-attack > > Kind regards, > Mirjam Kühne > RIPE NCC >
- Previous message (by thread): [dns-wg] New on RIPE Labs: NXNSAttack: Upgrade Resolvers to Stop New Kind of Random Subdomain Attack
- Next message (by thread): [dns-wg] New on RIPE Labs: NXNSAttack: Upgrade Resolvers to Stop New Kind of Random Subdomain Attack
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]