Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FW: [White Paper] Predictability of Windows DNS resolver
- From: Howell, Paul
- Date: Thu Mar 11 13:08:40 2004
-----Original Message-----
From: Roberto Larcher [mailto:robertolarcher@hotmail.com]
Sent: Thursday, March 11, 2004 3:05 AM
To: secpapers@securityfocus.com
Subject: [White Paper] Predictability of Windows DNS resolver
[Title]
Predictability of Windows DNS resolver
[Abstract]
The main DNS security issues have very often focused on server side problems
and vulnerabilities. This paper focuses on Windows client DNS service, also
called DNS resolver. This paper explains how it is often possible to predict
the "Transaction ID" and the "UDP port number" used by Windows' DNS
Resolver. With this information it will be shown how it is possible, under
certain conditions, to win the race against the regular DNS server and
hijack, for example, a TCP/IP session. Even if this problem has been
reported to Microsoft's security experts and we both agreed that there is no
immediate threat or security vulnerability, it may be used to attack Windows
LAN and WAN clients for example at startup. In WLAN too, which shares the
medium and then is subjected to the well-known DNS attacks based on
sniffing, this predictability increases the chances of being effectively
attacked. Microsoft informed me that the concerns mentioned in this paper
will be addressed in future versions of its products.
[Links]
http://webteca.altervista.org/whitepapers.htm
[Contact Information]
ing. Roberto Larcher
robertolarcher (at) hotmail.com
http://webteca.altervista.org
------------------------------------------------------------------------
To unsubscribe from netsec, send mail to majordomo@merit.edu
with a body consisting of the words "unsubscribe netsec" --
without the quotes. For more help, send a message to majordomo@merit.edu
with the word "help" as the body.
------------------------------------------------------------------------
|
