Dailydave mailing list archives

Paul Vixie's response...


From: Dave Aitel <dave () immunityinc com>
Date: Sun, 13 Jul 2008 15:37:47 -0400

________________

dave, i was fwd'd this note by roland dobbins of cisco.  plz consider posting
my reply to your mailing list.  or if you'd prefer, i can just blog about it.

| > From: Dave Aitel <dave () immunityinc com>
| > Date: July 13, 2008 12:38:35 AM GMT+07:00
| > To: dailydave () lists immunityinc com
| > Subject: [Dailydave] The audacity of thinking you're not owned
| >
| > I have to wonder about a strategy that implies that Paul Vixie is not
| > owned by lots of different people.

me too but it's all i've got on hand and these are difficult times.  actually
i've got others (dan kaminsky, david dagon, florian weimer, CMU CERT, jinmei
tatuya, john kristoff, ben laurie, bert hubert, sean leach) to vouch for me
not being owned, at least regarding CERT VU# 800113.  i guess there's a way
of wondering whether we're all owned, but sooner or later you've got to pick
somebody to trust, these are the folks i picked, your mileage may vary.

| > Anyways here is my guess of the day.
| >
| > There's 4 things that DNS checks, two of which are random in the "immune"
| > djbdns code. One is the TXID (16 bits) and one is the source port.
| > Assuming the "fix" for broken implementations is to randomize the source
| > port, this means the TXID must be easily guessed. Amit's paper talks a
| > bit about doing this sort of thing, but doesn't come into "easy" range.

interesting guess.  since i'm not the discoverer (it was dan kaminsky), i'm
not in a position to confirm or deny.  i do wonder what good you think can be
accomplished by guessing.  do you think dan was wrong to get the notice and
the patches out in advance of the full disclosure he plans for black hat?  if
you happen to guess it, will you publish early, based on some kind of "the
people have a right to know" philosophy?

| > So here's what I think the exploit is, which is a slightly advanced
| > method of some of Amit's stuff. I'm not a DNS (or crypto, for that
| > matter) expert, so feel free to fill me in on where I'm missing stuff.
| >
| > 1. You can use the TTL to find out when to do your spoofing.
| > 2. Use your own DNS to respond to some requests setting TTL=0 to get a
| > long list of TXIDs from the resolver.
| > 3. Map this list of TXIDs into an internal RNG state using a rainbow
| > table. This lets you predict the next set of TXID's with just a hash
| > lookup.
| > 4. Make a request for mail.google.com and send your spoofed packets to
| > infect the cache.

that is so cool!  thanks for all your great work.

paul

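The exchange above turns on two of the "4 things that DNS checks": the 16-bit TXID and the UDP source port, and on the guess that the fix for the CERT-advised bug is source port randomization. The script below is an added example, not part of the original post or of anything Vixie or Aitel wrote; it is the check a resolver operator would want after reading the thread. It takes a list of (TXID, source port) pairs as a packet capture of a resolver's outbound queries would yield them (the samples here are constructed in the script), reports whether the TXIDs look sequential and whether the ports vary, and turns that into the size of the space a blind spoofer would have to match. Treating a randomized port as roughly 16 bits of extra margin is a simplifying assumption of the example; the entropy numbers are lower bounds from a small sample, not measurements.

```python
import math
import random
from collections import Counter

# Constructed observations: each tuple is (transaction id, UDP source port) as a
# resolver emits them towards an authoritative server. Real input would come from
# a capture of the resolver's outbound port-53 queries.
def sample_random_port(n, seed=1):
    """Resolver that randomizes both the TXID and the source port."""
    rng = random.Random(seed)
    return [(rng.randrange(65536), rng.randrange(1024, 65536)) for _ in range(n)]

def sample_fixed_port(n, port=53, seed=1):
    """Resolver with random TXIDs but a single fixed source port."""
    rng = random.Random(seed)
    return [(rng.randrange(65536), port) for _ in range(n)]

def sample_sequential_txid(n, start=1000, port=53):
    """Resolver that increments the TXID by one per query and never varies the port."""
    return [((start + i) & 0xFFFF, port) for i in range(n)]

def entropy_bits(values):
    """Plug-in Shannon entropy estimate in bits. With n samples it can never exceed
    log2(n), so it is a lower bound on the true entropy, not a measurement of it."""
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())

def txid_verdict(txids, threshold=0.5):
    """Flag TXIDs as predictable when one step size (mod 2^16) dominates the
    consecutive differences; a random sequence has no dominant step."""
    deltas = [(b - a) & 0xFFFF for a, b in zip(txids, txids[1:])]
    if not deltas:
        return "insufficient-data"
    _, top = Counter(deltas).most_common(1)[0]
    return "predictable" if top / len(deltas) > threshold else "random-looking"

def port_verdict(ports, min_unique_fraction=0.9):
    """Randomized ports should be almost all distinct across a few hundred queries."""
    unique = len(set(ports))
    return "randomized" if unique / len(ports) >= min_unique_fraction else "fixed"

def assess_resolver(observations):
    """Summarize one capture of (txid, port) pairs."""
    txids = [t for t, _ in observations]
    ports = [p for _, p in observations]
    return {
        "samples": len(observations),
        "txid_entropy_lower_bound": entropy_bits(txids),
        "port_entropy_lower_bound": entropy_bits(ports),
        "txid_verdict": txid_verdict(txids),
        "port_verdict": port_verdict(ports),
    }

def guess_space_bits(report):
    """Bits a blind spoofer must match per forged response. Assumes a 16-bit TXID
    and treats a randomized port as roughly 16 more bits (simplifying assumption)."""
    bits = 16 if report["txid_verdict"] == "random-looking" else 0
    bits += 16 if report["port_verdict"] == "randomized" else 0
    return bits

def expected_spoof_attempts(bits):
    """Average number of forged responses needed to hit the space once (half of 2^bits)."""
    return 2 ** (bits - 1) if bits > 0 else 1

if __name__ == "__main__":
    for name, obs in [("fixed port", sample_fixed_port(200)),
                      ("sequential txid", sample_sequential_txid(200)),
                      ("randomized", sample_random_port(200))]:
        r = assess_resolver(obs)
        bits = guess_space_bits(r)
        print(f"{name:16s} txid={r['txid_verdict']:15s} port={r['port_verdict']:10s} "
              f"guess space={bits} bits, ~{expected_spoof_attempts(bits)} attempts")
```

The port check deliberately looks at uniqueness rather than the entropy estimate, because two hundred samples can show at most about 7.6 bits of entropy even from a perfect generator; a resolver whose ports repeat within that window is the one to worry about. A resolver that still answers "fixed" on the port verdict after patching is usually sitting behind a NAT that rewrites source ports, which removes the margin the patch added.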
