The Hitchhiker’s Guide to DNS Cache Poisoning

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2010)

Abstract

DNS cache poisoning is a serious threat to today’s Internet. We develop a formal model of the semantics of DNS caches, including the bailiwick rule and trust-level logic, and use it to systematically investigate different types of cache poisoning and to generate templates for attack payloads. We explain the impact of the attacks on DNS resolvers such as BIND, MaraDNS, and Unbound and their implications for several defenses against DNS cache poisoning.

Copyright information

© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Son, S., Shmatikov, V. (2010). The Hitchhiker’s Guide to DNS Cache Poisoning. In: Jajodia, S., Zhou, J. (eds) Security and Privacy in Communication Networks. SecureComm 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 50. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16161-2_27

  • DOI: https://doi.org/10.1007/978-3-642-16161-2_27

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16160-5

  • Online ISBN: 978-3-642-16161-2

  • eBook Packages: Computer Science, Computer Science (R0)
