Re: [dns-operations] MaginotDNS: Attacking the boundary of DNS caching protection

2023-09-27 Thread Stephane Bortzmeyer
On Wed, Sep 27, 2023 at 05:17:05PM +0200, Petr Špaček wrote a message of 48 lines which said:
> If you are interested in the gory details, BIND's description of the issue
> can be found here:
> https://gitlab.isc.org/isc-projects/bind9/-/issues/2950#note_241893

Re: [dns-operations] MaginotDNS: Attacking the boundary of DNS caching protection

2023-09-27 Thread Petr Špaček
On 27. 09. 23 9:38, Ralf Weber wrote:
Moin!
On 27 Sep 2023, at 3:58, Xiang Li wrote:
Hi Stephane,
This is Xiang, the author of this paper.
For the off-path attack, DoT can protect the CDNS from being poisoned.
For the on-path attack, since the forwarding query is sent to the attacker's

Re: [dns-operations] MaginotDNS: Attacking the boundary of DNS caching protection

2023-09-27 Thread Xiang Li
Evening!
> I don’t think this is true otherwise all resolver implementations would
> have been affected and not just a few. If you are on path direct behind
> the resolver of course all bets are off, but if you are on path just
> between the resolver and the forwarder those resolvers that are more

Re: [dns-operations] MaginotDNS: Attacking the boundary of DNS caching protection

2023-09-27 Thread Ralf Weber
Moin!
On 27 Sep 2023, at 3:58, Xiang Li wrote:
> Hi Stephane,
>
> This is Xiang, the author of this paper.
>
> For the off-path attack, DoT can protect the CDNS from being poisoned.
> For the on-path attack, since the forwarding query is sent to the
> attacker's server, only DNSSEC can mitigate

Re: [dns-operations] MaginotDNS: Attacking the boundary of DNS caching protection

2023-09-26 Thread Xiang Li
Hi Stephane,
This is Xiang, the author of this paper.
For the off-path attack, DoT can protect the CDNS from being poisoned. For the on-path attack, since the forwarding query is sent to the attacker's server, only DNSSEC can mitigate the MaginotDNS.
Best,
Xiang
On Tue, Sep 26, 2023 at 11:42

[dns-operations] MaginotDNS: Attacking the boundary of DNS caching protection

2023-09-26 Thread Stephane Bortzmeyer
I'm reading the paper behind "MaginotDNS: Attacking the boundary of DNS caching protection". Am I correct to think that forwarding