NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

Posted May 20, 2020 10:22 UTC (Wed) by pspacek (subscriber, #96790)
In reply to: NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack by bangert
Parent article: NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

Researchers followed responsible disclosure protocol and allowed vendors to implement and release mitigation before making the attack public. Now it is up to operators to upgrade.

NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

Posted May 21, 2020 3:38 UTC (Thu) by pabs (subscriber, #43278) [Link] (3 responses)

I guess bangert's point is that responsible disclosure should now also include waiting for large global monopolies to roll out the updates, since they are similar to just another vendor.

NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

Posted May 21, 2020 8:16 UTC (Thu) by pspacek (subscriber, #96790) [Link] (2 responses)

I'm not sure how we got to the idea they did not upgrade yet... Please elaborate and ideally suggest how to improve message directly to researchers. Their e-mails are in the paper - https://cyber-security-group.cs.tau.ac.il/dns-ns-paper.pdf.

NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

Posted May 21, 2020 8:26 UTC (Thu) by pabs (subscriber, #43278) [Link] (1 responses)

I guess because the vuln website doesn't mention the status for DNS providers, just for DNS server software.

NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

Posted May 22, 2020 6:36 UTC (Fri) by pspacek (subscriber, #96790) [Link]

I see. Web https://cyber-security-group.cs.tau.ac.il/ now explicitly mentions that public resolvers got their fixes deployed.