What was theoretically feasible has been practically tested : "BIND used fully randomized source port range, i.e. around 64000 ports. Two attacking servers, connected to the attacked one via GigE link, were used, each one attacked 1-2 ports with full ID range. Usually attacking server is able to send about 40-50 thousands fake replies before remote server returns the correct one, so if port was matched probability of the successful poisoning is more than 60%. Attack took about half of the day, i.e. a bit less than 10 hours."
More Info :
http://tservice.net.ru/~s0mbre/blog/devel/networking/dns/2008_08_08.html
The Problem with Treating Data as a Commodity
-
Excellent Brookings paper: “Why data ownership is the wrong approach to
protecting privacy.”
From the introduction:
Treating data like it is property fa...
1 hour ago
0 comments
Post a Comment