All Your Hostnames are Belong to Us

The Domain Name System (DNS) is the backbone of the internet. It translates written URLs into IP addresses and allows computers to establish the relevant communications and protocols that they require. The trust and security of DNS is essential for a safe and secure internet. While DNS is often overlooked as a trivial matter it can be leveraged in many ways to produce everything from information disclosure to Distributed Denial of Service (DDoS) attacks.

Over the last twelve months the team has been researching a DNS vulnerability in the educational realm. Originally found by accident, the problem was much more widespread than anticipated. To explore the severity of the issue a systematic approach was taken in order to profile what extent different countries were affected. The results were fascinating. What was initially thought to be a minor issue was quickly identified as endemic across the UK and parts of Europe. A legacy vulnerability, now 20 years old still at large.

Significant amounts of information could be enumerated; attackers love this, it makes their job a lot easier. During the talk we will examine the reasons, implications and lessons learned. We will also be releasing “therecursivefatman.py”, which will enable those affected to audit their servers. We will demonstrate examples of how this information could be practically leveraged by an attacker in order to gain easier access to target systems.

In a world of new uber-l33t Zero-days every week, it’s concerning that even the simple stuff two decades on still works.

60 Minute Briefings
Location: Haxpo Briefings Track Date: May 27, 2015 Time: 15:00 - 16:00 Paul Mason Kyle Fleming Andrew Gill Download Materials