[4331] in bugtraq

Re: SNI-12: BIND Vulnerabilities and Solutions (+ more problems)

daemon@ATHENA.MIT.EDU (Gene Spafford)
Thu Apr 24 13:32:02 1997

Date: 	Wed, 23 Apr 1997 23:13:17 -0500
Reply-To: Gene Spafford <spaf@CS.PURDUE.EDU>
From: Gene Spafford <spaf@CS.PURDUE.EDU>
X-To:         Johannes Erdfelt <johan@BORG.SVENTECH.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  Message from Johannes Erdfelt <johan@BORG.SVENTECH.COM>  of "Wed,
              23 Apr 1997 19:34:20 -0400"
              <Pine.LNX.3.95.970422142917.16221A-100000@borg.sventech.com>

FYI, the cache poisoning and MX record spoofing attacks were both
fully described in Christoph Schuba's MS thesis from COAST, done in
1992.  It is available as
ftp://coast.cs.purdue.edu/pub/COAST/papers/schuba-DNS-msthesis.{ps.Z,pdf}
A shorter tech report that mentions the cache corruption plus some
other issues was done in 1994, and is available via
ftp://coast.cs.purdue.edu/pub/COAST/papers/schuba-spaf-DNS.{ps.Z,pdf}

Some of the ideas we developed in Christoph's work went back to Steve
Bellovin's paper from 1990.  Thus, we can hardly consider SNI's alert
to be a "new" problem.  That may explain why your (Johannes) paper of
last year didn't make much impact -- it wasn't new.


What is unfortunate is that we circulated Christoph's MS thesis to
CERT, CIAC, Sun, DEC, DISA, and a few other FIRST teams in 1992.  We
held off publication of the thesis for a year for people to get the
code fixed before the details were available.  Sigh.  And we're still
seeing it in mid 1997 -- 5 years later, as Christoph finishes off his
PhD. Maybe we'll still be seeing it when Christoph graduates *his*
first grad student. :-(

--spaf