On Sat, Jan 2, 2010 at 12:51 PM, Patrick Vande Walle <patrick@isoc.lu> wrote:
Joe Baptista wrote, On 31/12/09 17:20:
This is a false allegation that the press has repeated without any investigation of the facts. Kaminsky never discovered anything; he simply repackaged an existing well-known problem as his own. Also, the DNS protocol is not vulnerable in itself, nor is it a security risk. The security problem is not in the DNS protocol but in the transport protocol used for DNS transactions. In this case it is the UDP protocol that is vulnerable to attack.
This problem has existed for at least 15 years. I remember it existed in the 1990s when I was commissioned to investigate vulnerabilities in military DNS servers.
That's interesting. Any pointers to the study you released at the time, that may justify your claim that you discovered the vulnerability 14 years before Kaminsky?
I believe that !Dr.Joe at that time was still playing with fax machines. But there are several papers/proceedings that pinpointed many vulnerabilities and potential attack schemes to TCP/IP and other protocols/systems such as DNS, none from !Dr.Joe. A good pointer just to start with the classics is Steven Bellovin's publications, available at http://www.cs.columbia.edu/~smb/papers/. A particular one where Steven introduced the issue of cache poisoning (that at that time was called contamination) is http://www.cs.columbia.edu/~smb/papers/dnshack.pdf

I also have the ppt presentation somewhere if you are interested.

Regards
Jorge