SlideShare una empresa de Scribd logo

Black Ops 2008: DNS Cache Poisoning Attack

Descargar como PPT, PDF
C
claytonnarcis

This document summarizes Dan Kaminsky's talk at Black Hat 2008 about DNS cache poisoning vulnerabilities. It describes how an attacker could spoof DNS responses to redirect traffic to malicious servers by guessing transaction IDs and bait-and-switch techniques. It also discusses ways to trigger DNS lookups from internal resolvers and extended the attacks to target firewall-protected networks. The talk highlighted major security issues in the DNS infrastructure and spurred an industry-wide effort to deploy patches.

Tecnología
1 de 104
Black Ops 2008: It’s The End Of The Cache As We Know It Or: “64K Should Be Good Enough For Anyone” Dan Kaminsky Director of Penetration Testing IOActive, Inc. copyright IOActive, Inc. 2006, all rights reserved.
Introduction ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Thanks to the community ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Obviously thanks to the Summit Members ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
There are numbers and are there are numbers ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What about the Fortune 500? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Can we watch the patching in action? (Thank you, Joichim Vidde et al, Clarified Networks)
But why all this work? ,[object Object]
Intro to DNS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
DNS is distributed ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What about bad guys? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Guessing Game ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
And thus, Forgery Resilience ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
First: If it’s a race, between who can reply with the correct TXID first, the bad guy has the starter pistol ,[object Object],[object Object],[object Object],[object Object],[object Object]
Second, who said the bad guy can only reply once ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Finally, the bad guy doesn’t actually need to wait to try again. ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Bait and Switch ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Enter The DNSRake ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What’s it look like? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Running the attack… ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Validating the attack ,[object Object]
Extending The Attacks ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
On Bailiwicks ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Out Of Bailiwick Referrals, or How To Attack Name Servers Behind Firewalls ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Many Starter Pistols Of Mr. Bad Guy ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
GetHostByName() Considered Harmful ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
GetHostByAddr() ain’t doing too well either ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Roy Arends’ Trick ,[object Object],[object Object],[object Object],[object Object]
About Those Internal Only Name Servers: An amusing trick ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The “Fix”, As Per DJB: Source Port Randomization ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
THERE ARE MANY, MANY VARIANTS OF THIS ATTACK ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Florian Weimer / David Dowling’s new PowerDNS attack ,[object Object],[object Object],[object Object]
And Keep Going… ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Choice ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Caveat ,[object Object],[object Object],[object Object]
What of the client? ,[object Object],[object Object],[object Object],[object Object],[object Object]
On Amit’s Client TXID Research ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Nothing Can Be Analyzed In Isolation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Chain ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Signals ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Shared Signals ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Another Path ,[object Object],[object Object],[object Object],[object Object]
Nobody ever expects The Billy Hoffman Option ,[object Object],[object Object],[object Object],[object Object],[object Object]
Of course, much easier with my attack ,[object Object],[object Object],[object Object],[object Object],[object Object]
So, is that all? ,[object Object]
We Start With The TLDs ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
MX Intercept: It’s Not Just For the NSA Anymore ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Message Pollution ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Shouldn’t The SPAM Filter Stop This? ,[object Object],[object Object],[object Object],[object Object]
Not going there, but… ,[object Object],[object Object],[object Object],[object Object],[object Object]
Spidey Sense ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Internet is more than the Web; HTTP is more than the Browser ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
 
We’re no longer in browserland anymore…
Remember Sidebar from Last Year?
This is not an exception ,[object Object],[object Object],[object Object],[object Object],[object Object]
Ilja van Sprundel, dumb fuzzing IRC with ircfuzz.c ,[object Object],[object Object],[object Object],[object Object],[object Object]
Lets not forget about the biggest, most extensive clients out there ,[object Object],[object Object],[object Object],[object Object]
How do you know what to attack? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Who needs an exploit? Lured by design, upgraded by design ,[object Object],[object Object],[object Object],[object Object]
Autoupgrade Is Hard ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
*facepalm* ,[object Object],[object Object],[object Object],[object Object]
Make no mistake ,[object Object],[object Object],[object Object]
Lets talk about SSL. ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
More SSL ,[object Object],[object Object],[object Object],[object Object],[object Object]
Must Actually Care About Certificate Chain ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Who Says Applications Always (ever) Care About Cert Chains? ,[object Object],[object Object],[object Object]
Even if actually a web app, must handle secure cookies correctly ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Must not mix Secure and Insecure ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Woe To The Poor Flash Security Guy Who Had To Document AllowInsecureDomain() ,[object Object],[object Object],[object Object],[object Object],[object Object]
 
We Live In The Future ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Cert should not use MD5 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Cert Must Never Have Been Generated By Debian ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
So? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Into The Lions Den ,[object Object],[object Object],[object Object]
Say Hello To My Little Friend ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Hello My Little Friend ,[object Object],[object Object],[object Object],[object Object],[object Object]
And what about EV? ,[object Object],[object Object],[object Object],[object Object]
What Else Is Interesting? ,[object Object],[object Object]
When I said The Web was broken, I wasn’t talking about just its clients. (confused?)
Welcome to the Skeleton Key. It’s By Design.
Forgot My Password Modes ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Attacking Forgot My Password systems ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
News ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Reality Check ,[object Object],[object Object]
Would OpenID have helped?
How did Stikis find the “friend”? Hint: DNS
So Right About Now You’re Probably Thinking… ,[object Object],[object Object]
Let Us Discuss The Inconvenient Matter Of Reverse DNS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
More Reverse DNS ,[object Object],[object Object],[object Object],[object Object],[object Object]
Lets Party Like It’s 2007 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Spreading The Phun ,[object Object],[object Object],[object Object],[object Object]
Enough with the client bugs? ,[object Object]
Which would you rather own? BGP? Or DNS? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Difficulty: Cannot poison authoritative on servers… ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
When Internal DNS Goes Bad ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Even if internal DNS is hard to hit, external dependencies are fair game ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The ultimate external dependencies ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Content Distribution Network Corruption ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Summary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Hype ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Lessons Learned ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Bottom Line ,[object Object],[object Object],[object Object],[object Object]

Recomendados

Hacs workshop
Hacs workshopHacs workshop
Hacs workshopAmrita University
 
PDX Tech Meetup - The changing landscape of passwords
PDX Tech Meetup - The changing landscape of passwordsPDX Tech Meetup - The changing landscape of passwords
PDX Tech Meetup - The changing landscape of passwordsRyan Smith
 
AlphaGo: Mastering the Game of Go with Deep Neural Networks and Tree Search
AlphaGo: Mastering the Game of Go with Deep Neural Networks and Tree SearchAlphaGo: Mastering the Game of Go with Deep Neural Networks and Tree Search
AlphaGo: Mastering the Game of Go with Deep Neural Networks and Tree SearchKarel Ha
 
(in)Secure Secret Zone
(in)Secure Secret Zone(in)Secure Secret Zone
(in)Secure Secret ZoneReality Net System Solutions
 
Innovacion Abierta
Innovacion AbiertaInnovacion Abierta
Innovacion AbiertaStalin Rojas
 
Under Water
Under WaterUnder Water
Under WaterMarlis
 
Que Es Un Wiki!
Que Es Un Wiki!Que Es Un Wiki!
Que Es Un Wiki!isearcy
 
Crafco "Blue Matrix System" with Evazote
Crafco "Blue Matrix System" with EvazoteCrafco "Blue Matrix System" with Evazote
Crafco "Blue Matrix System" with EvazoteBrennanRoney
 

Recomendados

Hacs workshop
Hacs workshopHacs workshop
Hacs workshopAmrita University
 
PDX Tech Meetup - The changing landscape of passwords
PDX Tech Meetup - The changing landscape of passwordsPDX Tech Meetup - The changing landscape of passwords
PDX Tech Meetup - The changing landscape of passwordsRyan Smith
 
AlphaGo: Mastering the Game of Go with Deep Neural Networks and Tree Search
AlphaGo: Mastering the Game of Go with Deep Neural Networks and Tree SearchAlphaGo: Mastering the Game of Go with Deep Neural Networks and Tree Search
AlphaGo: Mastering the Game of Go with Deep Neural Networks and Tree SearchKarel Ha
 
(in)Secure Secret Zone
(in)Secure Secret Zone(in)Secure Secret Zone
(in)Secure Secret ZoneReality Net System Solutions
 
Innovacion Abierta
Innovacion AbiertaInnovacion Abierta
Innovacion AbiertaStalin Rojas
 
Under Water
Under WaterUnder Water
Under WaterMarlis
 
Que Es Un Wiki!
Que Es Un Wiki!Que Es Un Wiki!
Que Es Un Wiki!isearcy
 
Crafco "Blue Matrix System" with Evazote
Crafco "Blue Matrix System" with EvazoteCrafco "Blue Matrix System" with Evazote
Crafco "Blue Matrix System" with EvazoteBrennanRoney
 
Dmk bo2 k8
Dmk bo2 k8Dmk bo2 k8
Dmk bo2 k8Dan Kaminsky
 
Basic hacking tutorial i
Basic hacking tutorial iBasic hacking tutorial i
Basic hacking tutorial iGeraldine Indira Jayo Escalante
 
Black ops 2012
Black ops 2012Black ops 2012
Black ops 2012Dan Kaminsky
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!nerdybeardo
 
Conficker
ConfickerConficker
Confickeremartinez.romero
 
A @textfiles approach to gathering the world's DNS
A @textfiles approach to gathering the world's DNSA @textfiles approach to gathering the world's DNS
A @textfiles approach to gathering the world's DNSRob Fuller
 
Footprinting-and-the-basics-of-hacking
Footprinting-and-the-basics-of-hackingFootprinting-and-the-basics-of-hacking
Footprinting-and-the-basics-of-hackingSathishkumar A
 
Dmk neut toor
Dmk neut toorDmk neut toor
Dmk neut toorDan Kaminsky
 
Yet Another Dan Kaminsky Talk (Black Ops 2014)
Yet Another Dan Kaminsky Talk (Black Ops 2014)Yet Another Dan Kaminsky Talk (Black Ops 2014)
Yet Another Dan Kaminsky Talk (Black Ops 2014)Dan Kaminsky
 
Угадываем пароль за минуту
Угадываем пароль за минутуУгадываем пароль за минуту
Угадываем пароль за минутуPositive Hack Days
 
Tales from the Field
Tales from the FieldTales from the Field
Tales from the FieldMongoDB
 
Dmk bo2 k8_bh_fed
Dmk bo2 k8_bh_fedDmk bo2 k8_bh_fed
Dmk bo2 k8_bh_fedDan Kaminsky
 
2600 v22 n3 (autumn 2005)
2600 v22 n3 (autumn 2005)2600 v22 n3 (autumn 2005)
2600 v22 n3 (autumn 2005)Felipe Prado
 
Dmk blackops2006
Dmk blackops2006Dmk blackops2006
Dmk blackops2006Dan Kaminsky
 
Black opspki 2
Black opspki 2Black opspki 2
Black opspki 2Dan Kaminsky
 
Hunting primes (a caccia di primi) 27 ott 2014
Hunting primes (a caccia di primi) 27 ott 2014Hunting primes (a caccia di primi) 27 ott 2014
Hunting primes (a caccia di primi) 27 ott 2014Vincenzo Sambito
 
Hacking CEH cheat sheet
Hacking CEH cheat sheetHacking CEH cheat sheet
Hacking CEH cheat sheetInternational College of Security Studies
 
UUUU
UUUUUUUU
UUUUyonny4103
 
Ferret - Data Seepage
Ferret - Data SeepageFerret - Data Seepage
Ferret - Data Seepageamiable_indian
 
Ferret
FerretFerret
Ferretyonny4103
 
Melbourneit Brandowners
Melbourneit BrandownersMelbourneit Brandowners
Melbourneit Brandownersclaytonnarcis
 
Classic Ford Nov 2005 (Mkii Escort)
Classic Ford Nov 2005 (Mkii Escort)Classic Ford Nov 2005 (Mkii Escort)
Classic Ford Nov 2005 (Mkii Escort)claytonnarcis
 

Más contenido relacionado

Similar a Black Ops 2008: DNS Cache Poisoning Attack

Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!nerdybeardo
 
A @textfiles approach to gathering the world's DNS
A @textfiles approach to gathering the world's DNSA @textfiles approach to gathering the world's DNS
A @textfiles approach to gathering the world's DNSRob Fuller
 
Footprinting-and-the-basics-of-hacking
Footprinting-and-the-basics-of-hackingFootprinting-and-the-basics-of-hacking
Footprinting-and-the-basics-of-hackingSathishkumar A
 
Yet Another Dan Kaminsky Talk (Black Ops 2014)
Yet Another Dan Kaminsky Talk (Black Ops 2014)Yet Another Dan Kaminsky Talk (Black Ops 2014)
Yet Another Dan Kaminsky Talk (Black Ops 2014)Dan Kaminsky
 
Угадываем пароль за минуту
Угадываем пароль за минутуУгадываем пароль за минуту
Угадываем пароль за минутуPositive Hack Days
 
Tales from the Field
Tales from the FieldTales from the Field
Tales from the FieldMongoDB
 
2600 v22 n3 (autumn 2005)
2600 v22 n3 (autumn 2005)2600 v22 n3 (autumn 2005)
2600 v22 n3 (autumn 2005)Felipe Prado
 
Hunting primes (a caccia di primi) 27 ott 2014
Hunting primes (a caccia di primi) 27 ott 2014Hunting primes (a caccia di primi) 27 ott 2014
Hunting primes (a caccia di primi) 27 ott 2014Vincenzo Sambito
 

Similar a Black Ops 2008: DNS Cache Poisoning Attack (20)

Dmk bo2 k8
Dmk bo2 k8Dmk bo2 k8
Dmk bo2 k8
 
Basic hacking tutorial i
Basic hacking tutorial iBasic hacking tutorial i
Basic hacking tutorial i
 
Black ops 2012
Black ops 2012Black ops 2012
Black ops 2012
 
Password Storage Sucks!
Password Storage Sucks!Password Storage Sucks!
Password Storage Sucks!
 
Conficker
ConfickerConficker
Conficker
 
A @textfiles approach to gathering the world's DNS
A @textfiles approach to gathering the world's DNSA @textfiles approach to gathering the world's DNS
A @textfiles approach to gathering the world's DNS
 
Footprinting-and-the-basics-of-hacking
Footprinting-and-the-basics-of-hackingFootprinting-and-the-basics-of-hacking
Footprinting-and-the-basics-of-hacking
 
Dmk neut toor
Dmk neut toorDmk neut toor
Dmk neut toor
 
Yet Another Dan Kaminsky Talk (Black Ops 2014)
Yet Another Dan Kaminsky Talk (Black Ops 2014)Yet Another Dan Kaminsky Talk (Black Ops 2014)
Yet Another Dan Kaminsky Talk (Black Ops 2014)
 
Угадываем пароль за минуту
Угадываем пароль за минутуУгадываем пароль за минуту
Угадываем пароль за минуту
 
Tales from the Field
Tales from the FieldTales from the Field
Tales from the Field
 
Dmk bo2 k8_bh_fed
Dmk bo2 k8_bh_fedDmk bo2 k8_bh_fed
Dmk bo2 k8_bh_fed
 
2600 v22 n3 (autumn 2005)
2600 v22 n3 (autumn 2005)2600 v22 n3 (autumn 2005)
2600 v22 n3 (autumn 2005)
 
Dmk blackops2006
Dmk blackops2006Dmk blackops2006
Dmk blackops2006
 
Black opspki 2
Black opspki 2Black opspki 2
Black opspki 2
 
Hunting primes (a caccia di primi) 27 ott 2014
Hunting primes (a caccia di primi) 27 ott 2014Hunting primes (a caccia di primi) 27 ott 2014
Hunting primes (a caccia di primi) 27 ott 2014
 
Hacking CEH cheat sheet
Hacking CEH cheat sheetHacking CEH cheat sheet
Hacking CEH cheat sheet
 
UUUU
UUUUUUUU
UUUU
 
Ferret - Data Seepage
Ferret - Data SeepageFerret - Data Seepage
Ferret - Data Seepage
 
Ferret
FerretFerret
Ferret
 

Más de claytonnarcis

Melbourneit Brandowners
Melbourneit BrandownersMelbourneit Brandowners
Melbourneit Brandownersclaytonnarcis
 
Classic Ford Nov 2005 (Mkii Escort)
Classic Ford Nov 2005 (Mkii Escort)Classic Ford Nov 2005 (Mkii Escort)
Classic Ford Nov 2005 (Mkii Escort)claytonnarcis
 
Dennis Carlton: Impact of new gTLD on consumer welfare
Dennis Carlton: Impact of new gTLD on consumer welfareDennis Carlton: Impact of new gTLD on consumer welfare
Dennis Carlton: Impact of new gTLD on consumer welfareclaytonnarcis
 
Dennis Carlton: Price caps on new gTLD registries
Dennis Carlton: Price caps on new gTLD registriesDennis Carlton: Price caps on new gTLD registries
Dennis Carlton: Price caps on new gTLD registriesclaytonnarcis
 
Michael Palage : Go/No-Go on new gTLD
Michael Palage : Go/No-Go on new gTLDMichael Palage : Go/No-Go on new gTLD
Michael Palage : Go/No-Go on new gTLDclaytonnarcis
 
dotDeloitte : Corporate gTLD
dotDeloitte : Corporate gTLDdotDeloitte : Corporate gTLD
dotDeloitte : Corporate gTLDclaytonnarcis
 
Edmon (dotAsia) on the new gTLD 2nd Draft
Edmon (dotAsia) on the new gTLD 2nd DraftEdmon (dotAsia) on the new gTLD 2nd Draft
Edmon (dotAsia) on the new gTLD 2nd Draftclaytonnarcis
 

Más de claytonnarcis (7)

Melbourneit Brandowners
Melbourneit BrandownersMelbourneit Brandowners
Melbourneit Brandowners
 
Classic Ford Nov 2005 (Mkii Escort)
Classic Ford Nov 2005 (Mkii Escort)Classic Ford Nov 2005 (Mkii Escort)
Classic Ford Nov 2005 (Mkii Escort)
 
Dennis Carlton: Impact of new gTLD on consumer welfare
Dennis Carlton: Impact of new gTLD on consumer welfareDennis Carlton: Impact of new gTLD on consumer welfare
Dennis Carlton: Impact of new gTLD on consumer welfare
 
Dennis Carlton: Price caps on new gTLD registries
Dennis Carlton: Price caps on new gTLD registriesDennis Carlton: Price caps on new gTLD registries
Dennis Carlton: Price caps on new gTLD registries
 
Michael Palage : Go/No-Go on new gTLD
Michael Palage : Go/No-Go on new gTLDMichael Palage : Go/No-Go on new gTLD
Michael Palage : Go/No-Go on new gTLD
 
dotDeloitte : Corporate gTLD
dotDeloitte : Corporate gTLDdotDeloitte : Corporate gTLD
dotDeloitte : Corporate gTLD
 
Edmon (dotAsia) on the new gTLD 2nd Draft
Edmon (dotAsia) on the new gTLD 2nd DraftEdmon (dotAsia) on the new gTLD 2nd Draft
Edmon (dotAsia) on the new gTLD 2nd Draft
 

Último

Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024TopCSSGallery
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 

Último (20)

Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024Top 10 Hubspot Development Companies in 2024
Top 10 Hubspot Development Companies in 2024
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 

Black Ops 2008: DNS Cache Poisoning Attack

  • 1. Black Ops 2008: It’s The End Of The Cache As We Know It Or: “64K Should Be Good Enough For Anyone” Dan Kaminsky Director of Penetration Testing IOActive, Inc. copyright IOActive, Inc. 2006, all rights reserved.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7. Can we watch the patching in action? (Thank you, Joichim Vidde et al, Clarified Networks)
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.
  • 42.
  • 43.
  • 44.
  • 45.
  • 46.
  • 47.
  • 48.
  • 49.
  • 50.
  • 51.
  • 52.
  • 53.  
  • 54. We’re no longer in browserland anymore…
  • 55. Remember Sidebar from Last Year?
  • 56.
  • 57.
  • 58.
  • 59.
  • 60.
  • 61.
  • 62.
  • 63.
  • 64.
  • 65.
  • 66.
  • 67.
  • 68.
  • 69.
  • 70.
  • 71.  
  • 72.
  • 73.
  • 74.
  • 75.
  • 76.
  • 77.
  • 78.
  • 79.
  • 80.
  • 81. When I said The Web was broken, I wasn’t talking about just its clients. (confused?)
  • 82. Welcome to the Skeleton Key. It’s By Design.
  • 83.
  • 84.
  • 85.
  • 86.
  • 87. Would OpenID have helped?
  • 88. How did Stikis find the “friend”? Hint: DNS
  • 89.
  • 90.
  • 91.
  • 92.
  • 93.
  • 94.
  • 95.
  • 96.
  • 97.
  • 98.
  • 99.
  • 100.
  • 101.
  • 102.
  • 103.
  • 104.