Wednesday, July 16, 2008

Weighing in on the DNS thing...

My quick thoughts on the Kaminsky DNS thing, though I'm a little late to the party. Apparently it's a real thing. I spoke with someone who's lucky enough to be in the Magical Inner Circle of Truth and he agreed.

I have nothing but wild speculation here. I read through the BIND source a little, and I may be barking up the wrong tree, but it looks like the resolver doesn't randomize the QID for every query. Rather, it keeps a QID pool and checks for collisions before assigning an ID. Therefore, if you were to send a large number of queries to a bogus server where they will time out, you could effectively take those QIDs out of play. If this is a server you control, you are then able to drastically reduce the search space, since you know which QIDs you don't have to try.

Just a thought.