On Fri, Nov 13, 2020 at 10:39:30PM -0500, John Levine wrote: > This paper from UC Riverside given at this week's ACM CCS '20 > conference describes a DNS cache poisoning attack that uses weaknesses > in UDP stacks. They say it works on real public caches including > Cloudflare, Google, and Quad 9, > > https://www.cs.ucr.edu/~zhiyunq/pub/ccs20_dns_poisoning.pdf
The paper concludes in 8.1 that DNS COOKIE mitigates this problem, which
is also obvious from the problem description. The Kaminsky style attack
is still effective, and COOKIE still mitigates it.
Mukund
signature.asc
Description: PGP signature
_______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
