Campus Event Calendar: Haya Shulman (02/12/2013 in E1 5/029)

Campus Event Calendar

Campus Event Calendar:
- All Upcoming:
  - only for D1
  - only for D2
  - only for INET
  - only for D4
  - only for D5
  - only for D6
  - only for RG1
  - Mailing Lists
  - by Speaker
  - by Type
  - by Category
  - by Title
  - Calendar
  - RSS Feed
- History of Events:

Event Entry

What and Who

Towards a Secure DNS

Haya Shulman

Bar Ilan University, Israel

SWS Colloquium

AG 1, AG 2, AG 3, AG 4, AG 5, SWS, RG1, MMCI

MPI Audience

English

Note: We use this to send email in the morning.

Date, Time and Location

Tuesday, 12 February 2013

13:00

90 Minutes

E1 5

029

Saarbrücken

Abstract

Most caching DNS resolvers still rely for their security, against poisoning, on validating that the DNS responses contain
some ‘unpredictable’ values, copied from the request. These values include the 16 bit identifier field, and other fields,

randomised and validated by different ‘patches’ to DNS. We investigate the prominent patches, and show how off-path
attackers can circumvent all of them, exposing the resolvers to cache poisoning attacks.
We present countermeasures preventing our attacks; however, we believe that our attacks provide additional motivation for
adoption of DNSSEC (or other MitM-secure defenses).
We then investigate vulnerabilities in DNSSEC configuration among resolvers and zones, which reduce or even nullify the
protection offered by DNSSEC. Finally we provide our recommendations and countermeasures to prevent the vulnerabilities.

Contact

Stephanie Feyahn

302 71922

--email hidden

Video Broadcast

Video Broadcast:

Yes

To Location:

Kaiserslautern

To Building:

G26

To Room:

206

Cisco Meeting ID:

System used:

Meeting URL:

Meeting ID:

Passcode:

passcode not visible

Code Visible for:

logged in users only

Claudia Richter, 02/07/2013 14:45 -- Created document.

Imprint / Impressum | Data Protection / Datenschutzhinweis