|
|
Subscribe / Log in / New account

NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

Posted May 21, 2020 3:38 UTC (Thu) by pabs (subscriber, #43278)
In reply to: NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack by pspacek
Parent article: NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

I guess bangert's point is that responsible disclosure should now also include waiting for large global monopolies to roll out the updates, since they are similar to just another vendor.

to post comments

NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

Posted May 21, 2020 8:16 UTC (Thu) by pspacek (subscriber, #96790) [Link] (2 responses)

I'm not sure how we got to the idea they did not upgrade yet... Please elaborate and ideally suggest how to improve message directly to researchers. Their e-mails are in the paper - https://cyber-security-group.cs.tau.ac.il/dns-ns-paper.pdf.

NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

Posted May 21, 2020 8:26 UTC (Thu) by pabs (subscriber, #43278) [Link] (1 responses)

I guess because the vuln website doesn't mention the status for DNS providers, just for DNS server software.

NXNSAttack: upgrade resolvers to stop new kind of random subdomain attack

Posted May 22, 2020 6:36 UTC (Fri) by pspacek (subscriber, #96790) [Link]

I see. Web https://cyber-security-group.cs.tau.ac.il/ now explicitly mentions that public resolvers got their fixes deployed.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds