* Masataka Ohta:

> bert hubert wrote:
>> correction! Re: The math of kaminsky-spoofing a randomising source port

> Why do you call such a well known vulnerability of DNS, which was
> documented in section 2.2 of RFC3822 in 2004 several years after it
> had been publicly known, kaminsky-spoofing?

I think you mean section 2.3 of RFC 3822. I agree that the basic
attack is presented in that section.

I'm not sure if the authors were fully aware of the implications. I
guess ISC would have rolled out source port randomization a long time
ago if they were.

> So, if an attacker has 1000 victims, the attacker needs 1/1000 less
> time to compromise one or more victims of the attacker than an attacker
> with only one victim and each victim feels 1/1000 less amount of traffic.

Correct. And as we've seen over and over again, you can actually
monetize attacks even if you don't know the identities of your victims
before you start the attack, so it's a real problem.

Florian Weimer
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
