
Security and suffixes (Re: Cite on DNS-related traffic.)

2000-06-01 23:40:03
At 09:22 31.05.2000 -0700, Joe Touch wrote:

It may be useful to distinguish resolver behavior from browser behavior.

If the host has no more specific (explicit) resolver information,
the current fully-qualified hostname, minus the first component,
is used as the 'working suffix'. Attempts are made, with increasing
generality, to use this suffix on any partially qualified request.

So far nobody's mentioned RFC 1535, the short summary of which is "this is bloodyawfulstupidbehaviour".

If I am out to attack you, and can place a record at ANY position in your search path, I can control your offsite name lookups totally.

In the case of someone searching

www.netscape.com.dept.other.edu
www.netscape.com.other.edu
www.netscape.com.edu
www.netscape.com

any DNS administrator at dept.other.edu, other.edu or com.edu(!) can prevent him from getting to www.netscape.com, instead sending him elsewhere.

                    Harald


--
Harald Tveit Alvestrand, EDB Maxware, Norway
Harald(_dot_)Alvestrand(_at_)edb(_dot_)maxware(_dot_)no
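
Added example, not part of the original message: a Python sketch of the suffix walk quoted above, next to an ordering that tries a dotted name as an absolute name first, as RFC 1535 recommends. The host name host.dept.other.edu, the function names and the default explicit search list are assumptions made for illustration.

```python
"""Added illustration of implicit DNS search-suffix expansion (not from the post)."""

def implicit_suffixes(host_fqdn):
    # Working suffix = host's FQDN minus its first component, then each
    # progressively more general parent (the behaviour quoted in the post).
    labels = host_fqdn.rstrip(".").lower().split(".")[1:]
    return [".".join(labels[i:]) for i in range(len(labels))]

def legacy_candidates(name, host_fqdn):
    # Every suffix is tried before the name is tried as written.
    name = name.rstrip(".").lower()
    return [f"{name}.{s}" for s in implicit_suffixes(host_fqdn)] + [name]

def hardened_candidates(name, host_fqdn, search=None):
    # Assumption: the explicit search list defaults to the host's own
    # parent domain only; parents of that domain are never walked.
    if search is None:
        search = implicit_suffixes(host_fqdn)[:1]
    if name.endswith("."):            # rooted name: no suffixes at all
        return [name.rstrip(".").lower()]
    name = name.lower()
    local = [f"{name}.{s}" for s in search]
    # A name containing a dot is tried as absolute first.
    return [name] + local if "." in name else local

def tried_before(candidates, intended):
    # Lookups issued before the intended name; whoever can publish a record
    # for any of them answers first.
    intended = intended.rstrip(".").lower()
    return candidates[:candidates.index(intended)]

if __name__ == "__main__":
    host = "host.dept.other.edu"      # constructed host name
    for label, fn in (("legacy", legacy_candidates),
                      ("hardened", hardened_candidates)):
        order = fn("www.netscape.com", host)
        print(label, order, "exposed:", tried_before(order, "www.netscape.com"))
```

An empty "exposed" list means no other zone is consulted before the name the user typed.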