Darren New wrote:
> It used to be trivially easy. DNS works over UDP, so a DNS server would
> send out a request for an address, and when the next server replied, it
> would go into the cache - no need to track requests vs replies.
> "Poisoning" just consisted of sending replies with bogus answers to
> servers that hadn't asked for them.
>
> I don't know how they eliminated that problem.
Each DNS request apparently has a unique ID. The server is supposed to
disregard any replies containing IDs that do not match any pending requests.
The server is also supposed to disregard any entries in the reply packet
which are not relevant to the query it actually issued. (E.g., look up
hackersoftheworld.com and have your DNS server send back
hackersoftheworld.com = XXX, amazon.com = YYY. The server is supposed to
disregard the second item, since it's unrelated to the actual query.)
Now, whether this is what happens in the field, IDK...
--
http://blog.orphi.me.uk/
http://www.zazzle.com/MathematicalOrchid*
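The two checks described in the reply above (match the transaction ID against a pending query, then keep only records that answer what was actually asked), written out as a small added example. This is not code from the thread; it is a toy resolver-side acceptance routine over hand-built DNS wire packets. The sample query and the two forged replies are constructed inline. Real resolvers go further (source-port randomization, bailiwick rules on the answering zone, checks on the rest of the question section), none of which is modelled here.

```python
import struct

# Constructed sample: one pending lookup for hackersoftheworld.com, one
# unsolicited reply, and one reply with a matching ID that smuggles in an
# unrelated amazon.com record. All names/addresses are made up.


def encode_name(name):
    """Encode a dotted name as DNS labels (no compression)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def decode_name(data, off):
    """Decode a name at `off`, following RFC 1035 compression pointers."""
    labels, jumped, end = [], False, None
    while True:
        length = data[off]
        if length & 0xC0 == 0xC0:              # 2-byte pointer into the packet
            ptr = struct.unpack("!H", data[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2
            jumped = True
            off = ptr
            continue
        off += 1
        if length == 0:
            break
        labels.append(data[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (end if end is not None else off)


def build_query(txid, qname):
    # Header: id, flags (RD), qdcount=1, ancount=0, nscount=0, arcount=0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(qname) + struct.pack("!HH", 1, 1)  # A, IN


def build_response(txid, qname, answers):
    """Forge a response carrying A records for each (name, ipv4) in answers."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(answers), 0, 0)
    body = encode_name(qname) + struct.pack("!HH", 1, 1)
    for name, ip in answers:
        body += encode_name(name) + struct.pack("!HHIH", 1, 1, 300, 4)
        body += bytes(int(o) for o in ip.split("."))
    return header + body


def parse_response(data):
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = decode_name(data, off)
        qtype, qclass = struct.unpack("!HH", data[off:off + 4])
        off += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, off = decode_name(data, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        rdata = data[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rclass == 1 and rdlen == 4:   # A record only
            answers.append((name, ".".join(str(b) for b in rdata)))
    return txid, flags, questions, answers


def accept_response(pending, data):
    """Return the records a careful resolver would cache from this reply,
    or None if the whole reply must be dropped. `pending` maps txid -> qname."""
    txid, flags, questions, answers = parse_response(data)
    if not flags & 0x8000:                  # QR bit clear: not a response
        return None
    qname = pending.get(txid)
    if qname is None:                       # ID matches no pending query: drop
        return None
    if len(questions) != 1 or questions[0] != (qname, 1, 1):
        return None                         # echoed question is not ours
    del pending[txid]                       # one answer per outstanding ID
    # Keep only records that answer the name we asked for; the amazon.com
    # record riding along in a hackersoftheworld.com reply is discarded.
    return [(n, ip) for n, ip in answers if n.lower() == qname.lower()]


def demo():
    pending = {}
    build_query(0x1A2B, "hackersoftheworld.com")   # sent on the wire (not modelled)
    pending[0x1A2B] = "hackersoftheworld.com"
    unsolicited = build_response(0x9999, "amazon.com", [("amazon.com", "10.0.0.1")])
    poisoned = build_response(0x1A2B, "hackersoftheworld.com",
                              [("hackersoftheworld.com", "192.0.2.10"),
                               ("amazon.com", "10.0.0.1")])
    first = accept_response(pending, unsolicited)   # None: ID never asked for
    second = accept_response(pending, poisoned)     # only the matching record
    replay = accept_response(pending, poisoned)     # None: ID already consumed
    return first, second, replay


if __name__ == "__main__":
    print(demo())
```

The ID check alone is only 16 bits of entropy, which is why the question-section and answer-relevance checks matter: a forger who guesses the ID still cannot get an unrelated name into the cache this way.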