On 8/17/21, Paul Wouters wrote: > On Fri, 13 Aug 2021, Tony Finch wrote: > >> Subject: [dns-operations] Injection Attacks Reloaded: Tunnelling >> Malicious >> Payloads over DNS >> >> David Malone pointed out to me on Twitter a paper from this year's USENIX >> security symposium. It has an impressive collection of attacks on >> applications that use the DNS. >> >> https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner > > Sadly, it did not test systemd-resolved or dnsmasq.
If you have a system that uses systemd-resolved or dnsmasq you can test them at https://xdi-attack.net/test.html For whatever it's worth, I get 'Your resolver is not vulnerable ...' for each test if I have check-names response fail; in my bind named.conf But every single 'Special character filtering' test comes back 'was not filtered by your resolver' if I remove check-names :( Regards, Lee _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
