NNSquad - Network Neutrality Squad
[ NNSquad ] Subverting BIND's SRTT Algorithm: Derandomizing NS Selection
Subverting BIND's SRTT Algorithm: Derandomizing NS Selection
http://j.mp/13Zbwir (Security Intelligence)
"Today I presented at USENIX WOOT '13 a new vulnerability that we had
found in BIND, the most popular DNS server. Exploiting this
vulnerability allows to reduce the amount of effort required for an
off-path (blind) DNS cache poisoning attack. The whitepaper is now
publicly available, together with the presentation and ISC's (the
organization behind BIND) notification. In this blog post I will
describe the vulnerability in a less formal fashion."
- - -
--Lauren--
Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
Founder:
- Network Neutrality Squad: http://www.nnsquad.org
- PRIVACY Forum: http://www.vortex.com/privacy-info
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://google.com/+LaurenWeinstein
Twitter: http://twitter.com/laurenweinstein
Tel: +1 (818) 225-2800 / Skype: vortex.com
_______________________________________________
nnsquad mailing list
http://lists.nnsquad.org/mailman/listinfo/nnsquad