--- Begin Message ---
Subject: [dns-operations] Injection Attacks Reloaded: Tunnelling
Malicious Payloads over DNS
David Malone pointed out to me on Twitter a paper from this year's
USENIX security symposium. It has an impressive collection of
attacks on applications that use the DNS.
https://www.usenix.org/conference/usenixsecurity21/presentation/jeitner
Sadly, it did not test systemd-resolved or dnsmasq.
dnsmasq and systemd-resolved are mentioned in the paper.
In their paper they talk about IETF efforts:
In the next steps we will be coordinating countermeasureswith the DNS
and applications vendors, as well as the IETF community.
[...]
Changing this requires a discussion in the corresponding working
groups within the IETF, which we are initiated within our disclosure
efforts.
but I've not been able to find any discussions on the usual DNS related
IETF mailing lists (like dnsop).
Did you observe this topic at any IETF WG mailing list?
For a thread about this on the powerdns-users mailing list:
https://mailman.powerdns.com/pipermail/pdns-users/2021-August/027366.html
best regards,
Christoph
--- End Message ---
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
