Comentarios en: Matasano – Kaminsky – DNS Forgery

Por: Dennis Baaten Blog » DNS protocol onveilig

Dennis Baaten Blog » DNS protocol onveilig — Fri, 01 Aug 2008 13:00:16 +0000

[...] komen wat het lek was. Dat is hem gelukt, waardoor de details van het lek bekend werden. Vóór en na de bekendmaking door Flake gingen hadden een aantal personen bij security bedrijf Matasano moeite [...]

Por: Falsificación de DNS de Matasano - Kaminsky | Like a clockwork orange

Falsificación de DNS de Matasano - Kaminsky | Like a clockwork orange — Mon, 28 Jul 2008 03:08:00 +0000

[...] lo primero: Esto no es mío. Es solo una traduccción de este post en el blog de mi buen amigo Buanzo -a quien le robo noticias seguido, solo que las publico más [...]

Por: La Tararita

La Tararita — Sat, 26 Jul 2008 11:48:08 +0000

How does Mallory entice Bob to look up AAAAA.VICTIM.COM, AAAAB.VICTIM.COM, and all the way to CXOPQ.VICTIM.COM ?

I first thought of using redirection http replies, but
since most of the time Alice wins with her NXDOMAIN response, that would not work. Does Mallory prepare a document with image source links to all these addresses?
Some javascript perhaps?

Por: The flash design guy

The flash design guy — Thu, 24 Jul 2008 23:10:04 +0000

Are there websites outthere that have been targetted?

Por: WirelessNetwork.org » News » Re: Lesson From the DNS Bug: Patching Isn’t Enough

Thu, 24 Jul 2008 21:03:17 +0000

[...] http://blogs.buanzo.com.ar/2008/07/m…s-forgery.html [...]

Por: Cecil Britton

Cecil Britton — Thu, 24 Jul 2008 14:23:02 +0000

This is one excellent presentation of a complex problem in language understandable by anyone with even a slight technical bent.

Por: Scott Bradford: Off on a Tangent » Blog Archive » Breaking the Internet

Wed, 23 Jul 2008 15:47:23 +0000

[...] was discovered, I’m increasingly frustrated though by the lack of published detail. Of course there have been leaks that accurately describe the potential attack this bug would allow, and the sources of those leaks [...]

Por: Mike

Mike — Wed, 23 Jul 2008 14:45:10 +0000

Thank you for the very visual and everyday-commonplace analogy. I work in network tech support, and am constantly visualizing invisible and virtual connections. Why has this vulnerability been un-checked for so long? Aren’t there teams of scientists, web engineers, and even hackers scouring the Web infrastructure minutae for this? Good luck, and congratulations on finding this. Software analysis is not easy, folks.

Por: Dan Grossman » How DNS Poisoning Works

Dan Grossman » How DNS Poisoning Works — Wed, 23 Jul 2008 07:58:28 +0000

[...] attacks work that I could make sense of without first reading a book on DNS. Interesting stuff: Reliable DNS Forgery in 2008: Kaminsky’s Discovery. Tags: [...]

Por: HCS’s and Gen’s Place » Blog Archive » The “cabal” over a DNS flaw is finally busted.

Wed, 23 Jul 2008 00:03:01 +0000

[...] Matasano – Kaminsky – DNS Forgery | Buanzolandia [...]