Full Disclosure mailing list archives

Re: The cat is indeed out of the bag
From: "mokum von Amsterdam" <smokum () gmail com>
Date: Wed, 23 Jul 2008 16:57:53 +0200

On Wed, Jul 23, 2008 at 4:22 PM, Robert McKay <robert () mckay com> wrote:

On Tue, Jul 22, 2008 at 3:36 AM, <monsieur.aglie () hushmail com> wrote:

from chargen 19/udp by ecopeland


The cat is out of the bag. Yes, Halvar Flake figured out the flaw
Dan Kaminsky will announce at Black Hat.

I believe I may have found an important optimisation to this attack.

Basically I observed that if you make a DNS request with a very long QNAME
then nameservers start dropping GLUE records in order to fit the reply into
the maximum UDP packet size.

Are you not supposed to keep DNS issues under your hat and disclose at BH only?

Mark Andrews wrote:
...  I like simple tools.
This is the list for you then -- there are lots of folk meeting the
description here... --- Nick FitzGerald

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
