DNS threat/weakness/bug

GENERAL CHAT
Author
Cruzing
Very Respected Poster
Added: Sep 04, 2008 1:28 pm
I am not a geek, This is the first I have heard of this problem.
check the vid out and explain it to a DUMMY?

Vid= http://www.youtube.com/watch?v=B0dHDD9fFM4

research site= http://www.doxpara.com/

It looks serious to me??
wraith
Respected Poster
Added: Sep 04, 2008 2:27 pm
It's serious, but probably not quite as serious as you think.

In ultra simple terms, if you type in www.forumophilia.com on your browser, your browser asks your ISP's nameserver what the IP address for that is. If that nameserver hasn't seen one of those requests recently, it then goes out and asks the authoritative source for that IP address, so it can tell you. It then stores this answer in a cache for a while (usually a few hours to a week or two) so it doesn't have to go looking the next time you ask.

The attack is to slam the nameserver with a few thousand forged responses at exactly the same time that it goes looking. If one of those forged responses is built by chance in exactly the same way that the nameserver is expecting, it will take that answer over the real one, and start redirecting traffic from www.forumophilia.com to someone else's server until the maximum storage time runs out on the entry.

There are a lot of technical ways to make this attack a lot harder than it already is, so I don't expect a lot of exploits to actually make the news.
Cruzing
Very Respected Poster
Added: Sep 04, 2008 2:31 pm
Thank You, I am a slow learner, but it is so difficult to grasp programing theroy and concept for me.

Now, with your help I can go to the next level. then next and so forth.
I guess it never ends...Smile

thank you