The Black Ops Of Dns presented at Blackhat USA 2004

by Dan Kaminsky,

Tags: Security DNS

Summary : The Domain Name System is a
powerful, flexible, and integral part of the Internet. Somewhat
analogous to the 411 information service offered throughout American
telephone system, DNS's most common use is to translate names—such as
www.blackhat.com—to addresses— 216.231.63.34. But behind this
deceptively simple operation lies a complex and interesting system,
distributed widely but with a deeply centralized core. Though most
commonly used to execute simple translations of the sort mentioned
earlier, three aspects of the machinery lend themselves to more creative
exploits. By creatively abusing the heirarchal, recursive, and
cache-oriented nature of the multi-million-node DNS architecture, we can
effect a range of unexpected functionality, including firewall
penetration, bidirectional anonymous communication, large scale data
transmission, and even "Voice over DNS".