DNS Issue

Recently, I attended HITB Conference here in Malaysia and found one of the section was very interesting. The titile is “Pushing the Camel Through the Eye of a Needle” by Charl van der Walt from Sensepost. I noticed that one of the tool used by him is dns2tcp which allow us to relay TCP connections through DNS traffic. I found it quite interesting, so I decided to test it.

While I was doing the testing, I came across an article quoting that one in four public DNS is still insecure and vulnerable to Kaminsky flaw. Even though DNS is consider one of the key foundation of today Internet, a lot of people still take it very lightly. Since DNS can cause many types of attacks and issues to the Internet, I decided to spend some time to explain in the next few posts about what DNS is and how exactly the DNS flaw can affect everyone.

For a start, the diagram showing on the right is how domain name arranged in a tree.

• Search for:

• Recent Posts

  • DNS Issue
  • Gooscan… Goo scanning???
  • Hack In The Box Security Conference 2008
  • Job Scope
  • Hello Security World!

• Categories

  • Conference
  • DNS
  • Miscellaneous
  • Security Tools

• Archives

  • November 2008
  • August 2008

• Tags

  black hat capture the flag Conference CTF DNS dns2tcp DNS flaw Domain Name System Google Google Search Appliance hack in the box HITB internet security knowledge IT security job scope Kaminsky Kaminsky flaw network security search Search Engines Security security conference security issue Web server

Copyright © 2007 Paranoid About Security • Using Dropshadow theme by Brian Gardner