nanog mailing list archives

Re: A Deep Dive on the Recent Widespread DNS Hijacking

From: Hank Nussbacher <hank () efes iucc ac il>
Date: Mon, 25 Feb 2019 15:16:23 +0200

On 25/02/2019 11:37, Ask Bjørn Hansen wrote:

On Feb 24, 2019, at 22:03, Hank Nussbacher <hank () efes iucc ac il> wrote:

Did you have a CAA record defined and if not, why not?

If the attacker got a CA to issue the cert because they changed the DNS server to be their own, a CAA record wouldn’t 
have helped (or at least been even easier to thwart than DNSSEC).

Yes if an attacker pwned the DNS then game over no matter what. I gounder the assumption that the attacker was not able to take over the DNSsystem but rather other things along the way, in which case CAA shouldbe of some assistance.


-Hank

Ask

Current thread:

RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking, (continued)
- - - RE: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Keith Medcalf (Feb 26)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Hunter Fuller (Feb 26)
    - Re: 2FA, was A Deep Dive on the Recent Widespread DNS Hijacking Ross Tajvar (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Saku Ytti (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Tony Finch (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Paul Ebersman (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Ross Tajvar (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Bill Woodcock (Feb 24)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Hank Nussbacher (Feb 24)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Ask Bjørn Hansen (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Hank Nussbacher (Feb 25)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Bill Woodcock (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Sander Steffann (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Michael Hallgren (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Bjørn Mork (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Ca By (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking David Conrad (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Ca By (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking John Levine (Feb 26)
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Bill Woodcock (Feb 26)
    - Message not available
    - Re: A Deep Dive on the Recent Widespread DNS Hijacking Bill Woodcock (Feb 26)

(Thread continues...)