Re: [dns-operations] Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS

Paul Wouters Tue, 17 Aug 2021 09:37:27 -0700

On Fri, 13 Aug 2021, Tony Finch wrote:

Subject: [dns-operations] Injection Attacks Reloaded: Tunnelling Malicious
    Payloads over DNS


David Malone pointed out to me on Twitter a paper from this year's USENIX
security symposium. It has an impressive collection of attacks on
applications that use the DNS.

https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner


Sadly, it did not test systemd-resolved or dnsmasq. Also, it did not say
which one public resolver is vulnerable (although it clearly is
vulnerable to a lot more anyway for not doing DNSSEC validation).

Paul
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Re: [dns-operations] Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS

Reply via email to