[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] The cat is indeed out of the bag

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] The cat is indeed out of the bag
From: "mokum von Amsterdam" <smokum@xxxxxxxxx>
Date: Wed, 23 Jul 2008 16:57:53 +0200

On Wed, Jul 23, 2008 at 4:22 PM, Robert McKay <robert@xxxxxxxxx> wrote:
>
>
> On Tue, Jul 22, 2008 at 3:36 AM, <monsieur.aglie@xxxxxxxxxxxx> wrote:
>>
>> from chargen 19/udp by ecopeland
>>
>> 0.
>>
>> The cat is out of the bag. Yes, Halvar Flake figured out the flaw
>> Dan Kaminsky will announce at Black Hat.
>> 1.
>
> I believe I may have found an important optimisation to this attack.
>
> Basically I observed that if you make a DNS request with a very long QNAME
> then nameservers start dropping GLUE records in order to fit the reply into
> the maximum UDP packet size.

Are you not supposed to keep DNS issues under your hat and disclose at BH only?

Cheers
-- 
Mark Andrews wrote:
> ...  I like simple tools.
This is the list for you then -- there are lots of folk meeting the
description here... --- Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] The cat is indeed out of the bag
  - From: Peter Dawson

References:
- [Full-disclosure] The cat is indeed out of the bag
  - From: monsieur . aglie
- Re: [Full-disclosure] The cat is indeed out of the bag
  - From: Robert McKay

Prev by Date: Re: [Full-disclosure] The cat is indeed out of the bag
Next by Date: Re: [Full-disclosure] The cat is indeed out of the bag
Previous by thread: Re: [Full-disclosure] The cat is indeed out of the bag
Next by thread: Re: [Full-disclosure] The cat is indeed out of the bag
Index(es):
- Date
- Thread