Wednesday, July 16, 2008

Weighing in on the DNS thing...

My quick thoughts on the Kaminsky DNS thing, though I'm a little late to the party. Apparently it's a real thing. I spoke with someone who's lucky enough to be in the Magical Inner Circle of Truth and he agreed.

I have nothing but wild speculation here. I read through the BIND source a little, and I may be barking up the wrong tree, but it looks like the resolver doesn't randomize the QID for every query. Rather, it keeps a QID pool and checks for collisions before assigning an ID. Therefore, if you were to send a large number of queries to a bogus server where they will time out, you could effectively take those QIDs out of play. If this is a server you control, you are then able to drastically reduce the search space, since you know which QIDs you don't have to try.

Just a thought.

No comments: