[1537] in WWW Security List Archive
Re: _DNS_ security problems
daemon@ATHENA.MIT.EDU (EKR)
Sun Feb 25 15:09:17 1996
Date: Sun, 25 Feb 1996 09:26:19 -0800
From: EKR <ekr@terisa.com>
To: www-security@ns2.rutgers.edu
Cc: strombrg@test34a.acs.uci.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Dan writes:
>In this case, yes, a fix for this should be added to java, and if sun
>chooses to do so, it should be commended for it, but that is only _because_
>DNS is insecure. The DNS should still be fixed, it's just a longer-term,
>(much) more time-consuming fix. If there is no longer a list of what
>addresses have been delegated where (ahhh shortsightedness!), an effort
>to (re)build the information should be mounted; Ensure a hierarchy of
>machines providing a canonical list (in distributed manner) of who can
>legitimately advertise what addresses and names (covers A, CNAME, MX,
>whatever), and check for validity when moving up the tree. You can lie
>about your own HINFO's if you want, in practice they aren't highly
>accurate anyway.
I did try to be clear about what the problem was, but it seems I
wasn't clear enough. There _IS_ a list of backpointers from addresses
to domain names. It's the in_addr.arpa domain. If Java checked
that as well in order to do its verification, as say TCP Wrappers
does, then this attack would be impossible (barring genuine
DNS spoofing, which, as I said, will be stopped by DNSSec as
it is already specified.
-Ekr
