[lacnog] Interesting CAIDA paper on a possible DNS attack vector
Alejandro Acosta
alejandroacostaalamo at gmail.com
Tue Jul 7 21:35:53 GMT+3 2020
Hi Nico,
That is something that happens very frequently; good point you bring up.
One example: this happened this year:
https://www.zdnet.com/article/microsoft-has-a-subdomain-hijacking-problem/
Regards,
On 7/7/20 8:11 PM, Nicolas Antoniello wrote:
> I am attaching a link to an interesting CAIDA paper on the
> importance of keeping DNS zone files up to date and
> "clean".
>
> https://www.caida.org/publications/papers/2020/forgotten_side_dns/
>
>
> The Forgotten Side of DNS: Orphan and Abandoned Records
>
> DNS zone administration is a complex task involving manual work and
> several entities and can therefore result in misconfigurations. Orphan
> records are one of these misconfigurations, in which a glue record for
> a delegation that does not exist anymore is forgotten in the zone
> file. Orphan records are a security hazard to third-party domains that
> have these records in their delegation, as an attacker may easily
> hijack such domains by registering the domain associated with the
> orphan. The goal of this paper is to quantify this misconfiguration,
> extending previous work by Kalafut et al., by identifying a new type
> of glue record misconfiguration – which we refer to as abandoned
> records – and by performing a broader characterization. Our results
> highlight how the situation has changed, not always for the better,
> compared to a decade-old study.
>
> Fraternal regards,
> Nico
>
>
> _______________________________________________
> LACNOG mailing list
> LACNOG at lacnic.net
> https://mail.lacnic.net/mailman/listinfo/lacnog
> Unsubscribe: https://mail.lacnic.net/mailman/options/lacnog
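
The orphan-record condition described in the quoted abstract can be checked when auditing a zone. The following is an added example, not part of the original e-mails or the CAIDA paper. It assumes a simplified `owner TYPE rdata` listing rather than full master-file syntax, and the zone contents, the `example` apex and the function names are constructed for illustration.

```python
# Added example: flag orphan glue in a simplified zone listing.
# Constructed sample for a hypothetical "example" TLD; addresses are documentation ranges.
SAMPLE_ZONE = """\
alive.example.      NS    ns1.alive.example.
alive.example.      NS    ns1.gone.example.   ; third party still points here
ns1.alive.example.  A     192.0.2.10
ns1.gone.example.   A     192.0.2.66          ; gone.example is no longer delegated
ns2.gone.example.   AAAA  2001:db8::66
"""

def norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.lower().rstrip(".")

def parse(zone_text, apex):
    """Split 'owner TYPE rdata' lines into delegations and address records."""
    delegations, addresses = {}, []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) != 3:
            continue  # assumption: no TTL/class columns, one record per line
        owner, rtype, rdata = norm(fields[0]), fields[1].upper(), fields[2]
        if rtype == "NS" and owner != norm(apex):
            delegations.setdefault(owner, set()).add(norm(rdata))
        elif rtype in ("A", "AAAA"):
            addresses.append((owner, rdata))
    return delegations, addresses

def find_orphans(zone_text, apex):
    """Map each orphan glue name to the delegations that still use it."""
    delegations, addresses = parse(zone_text, apex)
    orphans = {}
    for owner, _addr in addresses:
        # Glue is legitimate only at or below a name that is still delegated.
        covered = any(owner == d or owner.endswith("." + d) for d in delegations)
        if not covered:
            orphans[owner] = sorted(d for d, ns in delegations.items() if owner in ns)
    return orphans

if __name__ == "__main__":
    for name, users in find_orphans(SAMPLE_ZONE, "example").items():
        print(f"orphan glue: {name}  still used by: {users or 'nobody'}")
```

An orphan with a non-empty list is the case the abstract calls a hazard to third-party domains: the listed delegations still depend on a name server whose parent domain is no longer delegated.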