Attacking Distributed Systems: The Dns Case Study presented at Blackhat Europe 2005

by Dan Kaminsky,

Tags: Security DNS

Summary : In "Black Ops of DNS", I examined how aspects of the domain name infrastructure could be repurposed into allowing illicit network access, attacker detection of incident response / forensic analysis, and even large scale data streaming. Here, I'll demonstrate further, more mature attacks against the DNS infrastructure, and document the analysis process by which one can "see a distributed protocol as a hacker might" using DNS as a case study. I will also discuss how the use of MD5 in distributed protocols opens up new and unexpected avenues for attack.