Fragmentation Considered Poisonous

@article{Herzberg2012FragmentationCP,
  title={Fragmentation Considered Poisonous},
  author={Amir Herzberg and Haya Shulman},
  journal={CoRR},
  year={2012},
  volume={abs/1205.4011}
}
We present effective off-path DNS cache poisoning attacks, circumventing all widely-used defenses against poisoning, based on echoing of random challenges from request to response, e.g., port randomisation and query randomisation (0x20). The attacks mainly depend on the use of UDP to retrieve long DNS responses, resulting in packet fragmentation. We show how attackers are often able to cause such fragmented responses, and then abuse them to inject fake, ‘poisonous‘ records, into legitimate DNS… CONTINUE READING
Highly Cited
This paper has 37 citations. REVIEW CITATIONS