What was theoretically feasible has been practically tested : "BIND used fully randomized source port range, i.e. around 64000 ports. Two attacking servers, connected to the attacked one via GigE link, were used, each one attacked 1-2 ports with full ID range. Usually attacking server is able to send about 40-50 thousands fake replies before remote server returns the correct one, so if port was matched probability of the successful poisoning is more than 60%. Attack took about half of the day, i.e. a bit less than 10 hours."
More Info :
http://tservice.net.ru/~s0mbre/blog/devel/networking/dns/2008_08_08.html
Friday Squid Blogging: Squid-Shaped UFO Spotted Over Texas
-
Here’s the story. The commenters on X (formerly Twitter) are unimpressed.
As usual, you can also use this squid post to talk about the security
stories i...
6 hours ago
0 comments
Post a Comment