Basic HTML version of Foils prepared May 19 99
Foil 19 DNS Cache Poisoning (2)
From Computer Crimes: Examples of Network Security attacks Tango Group Internal Technology Seminars -- April 23 99. by Roman Markowski
|
Evil
|
|
x.y.z.w
|
|
DNS
|
|
good
|
|
DNS
|
|
evil
|
|
DNS
|
|
bank
|
|
(1) any.evil.com ?
|
|
(2) any.evil.com ?
|
|
(3) store Query ID#
|
|
(4) www.bank.com ?
|
|
(5) www.bank.com ?
|
|
(6) spoof answer:
|
|
www.bank.com=x.y.z.w
|
|
(7) Cache:
|
|
www.bank.com
|
|
= x.y.z.w
|
|
Good
|
|
(8) www.bank.com ?
|
|
(9) x.y.z.w
|
|
(10) bank transaction
|
|
Www
|
|
bank
|
© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu
If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.
Page produced by wwwfoil on Mon Aug 16 1999