[lacnog] Interesante paper de CAIDA sobre posible vector de ataque de DNS
Nicolas Antoniello
nantoniello en gmail.com
Mar Jul 7 21:11:29 GMT+3 2020
Les adjunto un link a un interesante paper de CAIDA sobre la importancia de
mantener los archivos de Zona de DNS actualizados y "limpios".
https://www.caida.org/publications/papers/2020/forgotten_side_dns/
The Forgotten Side of DNS: Orphan and Abandoned Records
DNS zone administration is a complex task involving manual work and several
entities and can therefore result in misconfigurations. Orphan records are
one of these misconfigurations, in which a glue record for a delegation
that does not exist anymore is forgotten in the zone file. Orphan records
are a security hazard to third-party domains that have these records in
their delegation, as an attacker may easily hijack such domains by
registering the domain associated with the orphan. The goal of this paper
is to quantify this misconfiguration, extending previous work by Kalafut et
al., by identifying a new type of glue record misconfiguration – which we
refer to as abandoned records – and by performing a broader
characterization. Our results highlight how the situation has changed, not
always for the better, compared to a decade-old study.
Fraterno saludo,
Nico
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <https://mail.lacnic.net/pipermail/lacnog/attachments/20200707/c30b5b16/attachment.html>
Más información sobre la lista de distribución LACNOG