Security researchers have managed to exploit an old vulnerability in the implementation of the Domain Name System (DNS) to override safeguards and reanimate an attack that was killed in 2008.
The good news however is that before making their findings public, the researchers privately shared their findings with DNS providers and software developers, many of whom have implemented a fix to mitigate the vulnerability.
Name your poison
Dan Kaminsky first highlighted a major shortcoming in the implementation of the DNS protocol in 2008. When exploited it would send visitors to malicious websites instead of the ones they typed into their web browser windows.
Kaminsky’s DNS cache poisoning attack sent everyone scurrying for a solution and the reputable DNS providers soon implemented a fix.
That was until security researchers presented a novel approach to side step the fix and make it possible to send traffic to malicious IP addresses once again.
In simple terms, the solution to Kaminsky’s attack was to randomize the number of the source port sending the DNS request. The new attack, dubbed SAD (Side channel AttackeD) DNS cleverly derandomizes the source port.
The research was presented at the 2020 ACM Conference on Computer and Communications Security. The researchers also have a website for the new attack where they share more details and allow you to test whether your DNS resolver is vulnerable.
social experiment by Livio Acerbo #greengroundit #techradar https://www.techradar.com/news/cured-dns-hack-makes-a-surprising-comeback