Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: US-CERT Vulnerability Note VU#800113


On Jul 25, 2008, at 10:02 AM, Dave Pooser wrote: 

I send your user an email advertising cute kitten movies at
site1.example.net, and your user clicks on the link.

I control DNS for example.net, so now I have an initial response to work
with; I know your server's address and a starting port number.

site1.example.net has embedded images that are links to
bogus001.bankofamerica.com through bogus2000.bankofamerica.com. This means
your server will be querying bankofamerica.com name servers for invalid
hosts, and I know it, and I know where to direct my spoofed answers complete
with a spoofed NS record. Now I flood your server with false responses.



I like that attack vector, and wasn't quite understanding that's what you meant in your first post so I do stand a bit corrected - hats off to you ;-)

However one could mitigate the issue of a venerable OS X DNS server with said attack by setting up the server to just do 'forward only' (or perhaps even forward first) that way DNS queries coming to example.net are from a patched server as long as the forwarding server is up.


_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden
References: 
 >Re: US-CERT Vulnerability Note VU#800113 (From: Dave Pooser <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.