open recursive nameservers
play

Open Recursive Nameservers P. van Abswoude P. Tavenier System and - PowerPoint PPT Presentation

Jun 27, 2023 •421 likes •776 views

What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Open Recursive Nameservers P. van Abswoude P. Tavenier System and Network Engineering University of Amsterdam February 7, 2007 Open

  1. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Open Recursive Nameservers P. van Abswoude P. Tavenier System and Network Engineering University of Amsterdam February 7, 2007 Open Recursive Nameservers 1 / 17

  2. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Introduction What we are going to tell . . . What is the problem? What is a Caching Open Recursive Nameserver? Practical Research Reconnaissance work DNS query (maximum UDP packet size) DNS answer (TXT records) UDP and DNSSEC An actual DNS DDoS attack Defending strategies Do we have to be concerned of large DNS DDoS attacks using CORNS? Open Recursive Nameservers 2 / 17

  3. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Once Upon A Time . . . The Internet was a happy place where it was easy to help your friends and neighbors: Telnet was THE remote administration tool/protocol Open SMTP relays were the norm rather than the exception Nameservers were Open Recursive . . . etc. In short: the Internet was build to be used by everybody – NOT abused! Open Recursive Nameservers 3 / 17

  4. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work But unfortunately, things change . . . In 2006 several high-impact Distributed Denial of Service (DDoS) attacks. Primary attackers: Caching Open Recursive Nameservers further revered to as CORNs. Open Recursive Nameservers 4 / 17

  5. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work But unfortunately, things change . . . In 2006 several high-impact Distributed Denial of Service (DDoS) attacks. Primary attackers: Caching Open Recursive Nameservers further revered to as CORNs. Open Recursive Nameservers 4 / 17

  6. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work What is a CORN? What is a DNS server? Converts FQDN to IP-addresses and vice versa What is a Open Recursive Nameserver (further: ORN) A recursive NS for the whole wide world What is Caching Open Recursive Nameserver Open Recursive Nameservers 5 / 17

  7. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work What is a CORN? What is a DNS server? Converts FQDN to IP-addresses and vice versa What is a Open Recursive Nameserver (further: ORN) A recursive NS for the whole wide world What is Caching Open Recursive Nameserver Open Recursive Nameservers 5 / 17

  8. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work What is a CORN? What is a DNS server? Converts FQDN to IP-addresses and vice versa What is a Open Recursive Nameserver (further: ORN) A recursive NS for the whole wide world What is Caching Open Recursive Nameserver Open Recursive Nameservers 5 / 17

  9. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work What is a CORN? What is a DNS server? Converts FQDN to IP-addresses and vice versa What is a Open Recursive Nameserver (further: ORN) A recursive NS for the whole wide world What is Caching Open Recursive Nameserver Open Recursive Nameservers 5 / 17

  10. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work What is a CORN? What is a DNS server? Converts FQDN to IP-addresses and vice versa What is a Open Recursive Nameserver (further: ORN) A recursive NS for the whole wide world What is Caching Open Recursive Nameserver Open Recursive Nameservers 5 / 17

  11. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research Reconnaissance work . . . How to create a list of Nameservers? How to determine if they are Open Recursive? How to determine if they cache? How to determine if the NS is a forwarder? Open Recursive Nameservers 6 / 17

  12. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research Reconnaissance work . . . How to create a list of Nameservers? How to determine if they are Open Recursive? How to determine if they cache? How to determine if the NS is a forwarder? Open Recursive Nameservers 6 / 17

  13. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research Reconnaissance work . . . How to create a list of Nameservers? How to determine if they are Open Recursive? How to determine if they cache? How to determine if the NS is a forwarder? Open Recursive Nameservers 6 / 17

  14. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research Reconnaissance work . . . How to create a list of Nameservers? How to determine if they are Open Recursive? How to determine if they cache? How to determine if the NS is a forwarder? Open Recursive Nameservers 6 / 17

  15. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research Zonefile NS NS (without timed-out) CORNs .int (inside .int domain) 59 51 21 (36%) .int (outside .int domain) 203 195 65 (32%) .edu (inside .edu domain) 4264 3333 2142 (50%) .edu (outside .edu domain) 5124 4552 2173 (42%) totals 9650 8131 4401 (46%) Table: Total numbers zonefiles statistics DNS Measurement estimates 9.000.000 nameservers running on the Internet. With our test results we could estimate ∼ 3.690.000 nameservers are CORNs! Open Recursive Nameservers 7 / 17

  16. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research The query (maximum DNS UDP packet sizes) . . . Maximum DNS UDP packet size: 512 bytes Normal DNS query size: ∼ 50 bytes Open Recursive Nameservers 8 / 17

  17. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research The query (maximum DNS UDP packet sizes) . . . Maximum DNS UDP packet size: 512 bytes Normal DNS query size: ∼ 50 bytes Open Recursive Nameservers 8 / 17

  18. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research The answer (TXT records) . . . Already explained: Maximum DNS UDP packet size: 512 bytes Normal DNS query size: ∼ 50 bytes Normal DNS answer size: ∼ 200 bytes Question: How to get the answer to 512 bytes Answer: TXT records (maybe other RRs?) Open Recursive Nameservers 9 / 17

  19. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research The answer (TXT records) . . . Already explained: Maximum DNS UDP packet size: 512 bytes Normal DNS query size: ∼ 50 bytes Normal DNS answer size: ∼ 200 bytes Question: How to get the answer to 512 bytes Answer: TXT records (maybe other RRs?) Open Recursive Nameservers 9 / 17

  20. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research The answer (TXT records) . . . Already explained: Maximum DNS UDP packet size: 512 bytes Normal DNS query size: ∼ 50 bytes Normal DNS answer size: ∼ 200 bytes Question: How to get the answer to 512 bytes Answer: TXT records (maybe other RRs?) Open Recursive Nameservers 9 / 17

  21. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research The answer (TXT records) . . . Already explained: Maximum DNS UDP packet size: 512 bytes Normal DNS query size: ∼ 50 bytes Normal DNS answer size: ∼ 200 bytes Question: How to get the answer to 512 bytes Answer: TXT records (maybe other RRs?) Open Recursive Nameservers 9 / 17

  22. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research UDP and DNSSEC . . . Already explained: Question: How to get the answer to 512 bytes Answer: TXT records With DNSSEC extension enabled: bump up to 2048 bytes!!! Open Recursive Nameservers 10 / 17

  23. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research UDP and DNSSEC . . . Already explained: Question: How to get the answer to 512 bytes Answer: TXT records With DNSSEC extension enabled: bump up to 2048 bytes!!! Open Recursive Nameservers 10 / 17

  24. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research Figure: DNSSEC and UDP Open Recursive Nameservers 11 / 17

  25. What is the problem? Defending strategies Introduction What is a CORN? Practical Research Further Work Practical Research Figure: Authority section zoomed in Open Recursive Nameservers 12 / 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Recursive Methods Noter ch.2 Recursive Methods Recursive problem solution Problems

Recursive Methods Noter ch.2 Recursive Methods Recursive problem solution Problems

Recursive Methods Noter ch.2 Recursive Methods Recursive problem solution Problems that are naturally solved by recursion Examples: Recursive function: Fibonacci numbers Recursive graphics: Fractals Mutual recursion:

796 views • 61 slides
persistent queries and phantom nameservers "I wonder how many systems will _still_ be

persistent queries and phantom nameservers "I wonder how many systems will _still_ be

persistent queries and phantom nameservers "I wonder how many systems will _still_ be trying to get to b.root-servers.net at the old address in 5 or even 10 years." - Dave Hilton; 29jan2004, NANOG Legacy B Root Planning for

598 views • 10 slides
1 Recursive Definitions Infinite Recursion The recursive part of the LIST definition is used

1 Recursive Definitions Infinite Recursion The recursive part of the LIST definition is used

CSC 2014 Java Bootcamp Lecture 9 Recursion 2 Recursion Recursion is a fundamental programming technique that can provide an elegant solution certain kinds of problems RECURSIVE THINKING 3 4 Recursive Thinking Recursive Definitions

148 views • 4 slides
dnstap-whoami Robert Edmonds (edmonds@fsi.io) Farsight Security, Inc. Intro DNS nameservers

dnstap-whoami Robert Edmonds (edmonds@fsi.io) Farsight Security, Inc. Intro DNS nameservers

dnstap-whoami Robert Edmonds (edmonds@fsi.io) Farsight Security, Inc. Intro DNS nameservers that return custom responses Diagnostics Experimentation Result passed through to the original client Examples: DNS whoami

265 views • 25 slides
Recursive Methods Recursive problem solution Problems that are naturally solved by

Recursive Methods Recursive problem solution Problems that are naturally solved by

Recursive Methods Recursive problem solution Problems that are naturally solved by recursion Derivative of rational function Recursive Methods Examples: Recursive function: Fibonacci numbers Recursive graphics:

284 views • 5 slides
61A Lecture 6 Announcements Recursive Functions Recursive Functions 4 Recursive Functions

61A Lecture 6 Announcements Recursive Functions Recursive Functions 4 Recursive Functions

61A Lecture 6 Announcements Recursive Functions Recursive Functions 4 Recursive Functions Definition: A function is called recursive if the body of that function calls itself, either directly or indirectly 4 Recursive Functions Definition:

1.08k views • 88 slides
Recursion Announcements Recursive Functions Recursive Functions 4 Recursive Functions

Recursion Announcements Recursive Functions Recursive Functions 4 Recursive Functions

Recursion Announcements Recursive Functions Recursive Functions 4 Recursive Functions Definition : A function is called recursive if the body of that function calls itself, either directly or indirectly 4 Recursive Functions Definition

1.11k views • 89 slides
Lesson 9 Recursive Types 2/19, 21 Chapters 20, 21 Recursive type Recursive type terms are

Lesson 9 Recursive Types 2/19, 21 Chapters 20, 21 Recursive type Recursive type terms are

Lesson 9: Recursive Types Lesson 9 Recursive Types 2/19, 21 Chapters 20, 21 Recursive type Recursive type terms are infinite, but regular For finite terms, use induction based on least fixed points For infinite terms/trees, we

232 views • 7 slides
Review Recursion Factorial (Iterative and Recursive versions) Call Stack (Last-in,

Review Recursion Factorial (Iterative and Recursive versions) Call Stack (Last-in,

Review Recursion Factorial (Iterative and Recursive versions) Call Stack (Last-in, first-out Queue) Tracing recursive functions Fibonacci Sequence Recursive Implementation Recursive Maze Generation One can declare an

921 views • 16 slides
Assessing the Stability of Forecasting Models: Recursive Parameter Estimation and Recursive

Assessing the Stability of Forecasting Models: Recursive Parameter Estimation and Recursive

Assessing the Stability of Forecasting Models: Recursive Parameter Estimation and Recursive Residuals At each t, t = k, ... ,T-1, compute: Recursive parameter est. and forecast: Recursive residual: If all is well: Sequence of 1-step forecast

650 views • 39 slides
Recursion Announcements Recursive Functions Recursive Functions Definition : A function is

Recursion Announcements Recursive Functions Recursive Functions Definition : A function is

Recursion Announcements Recursive Functions Recursive Functions Definition : A function is called recursive if the body of that function calls itself, either directly or indirectly Implication : Executing the body of a recursive function may

320 views • 18 slides
OUTLINE CHAPTER 10 Recursive Hierarchies Table of contents Recursive Hierarchies and Bridges

OUTLINE CHAPTER 10 Recursive Hierarchies Table of contents Recursive Hierarchies and Bridges

OUTLINE CHAPTER 10 Recursive Hierarchies Table of contents Recursive Hierarchies and Bridges Reporting Challenge Flattening a Recursive Hierarchy The Hierarchy Bridge Double Counting Resolving Many to Many Dinesh Maharjan

401 views • 13 slides
Adaptive Control Chapter 5: Recursive plant model identification in open loop 1 Adaptive Control

Adaptive Control Chapter 5: Recursive plant model identification in open loop 1 Adaptive Control

Adaptive Control Chapter 5: Recursive plant model identification in open loop 1 Adaptive Control Landau, Lozano, MSaad, Karimi Chapter 5: Recursive plant model identification in open loop 2 Adaptive Control Landau, Lozano,

685 views • 41 slides
Announcements Recursion Recursive Functions Definition : A function is called recursive if the

Announcements Recursion Recursive Functions Definition : A function is called recursive if the

Announcements Recursion Recursive Functions Definition : A function is called recursive if the body of that function calls itself, either directly or indirectly Implication : Executing the body of a recursive function may require applying that

398 views • 3 slides
Non-Recursive In-Place FFT Algorithm Idea: "Unwind the in-place recursive algorithm and work

Non-Recursive In-Place FFT Algorithm Idea: "Unwind the in-place recursive algorithm and work

Non-Recursive In-Place FFT Algorithm Idea: "Unwind the in-place recursive algorithm and work bottom up from a bit-reversed input array in a "butterfly" pattern: - 1 - (non-recursive in-place FFT algorithm continued) Non-recursive

436 views • 5 slides
Recursive Analysis And Real Recursive Functions Emmanuel Hainry Joint work with Olivier Bournez

Recursive Analysis And Real Recursive Functions Emmanuel Hainry Joint work with Olivier Bournez

Recursive Analysis And Real Recursive Functions Emmanuel Hainry Joint work with Olivier Bournez LORIA/INPL, Nancy, France Feb. 13, 2006 1/29 Introduction Definitions Recursive functions Limit operator Conclusion 1. Introduction Context

399 views • 29 slides
Patients with Chronic Diseases Forward Looking Statements This presentation may contain forward

Patients with Chronic Diseases Forward Looking Statements This presentation may contain forward

Improving the Quality of Life for Patients with Chronic Diseases Forward Looking Statements This presentation may contain forward looking statements. Forward looking statements address future events and conditions and therefore involve inherent

247 views • 23 slides
Transforming Organ Donation In South Africa LOVE LIFE; GIFT LIFE LLGL was established in April

Transforming Organ Donation In South Africa LOVE LIFE; GIFT LIFE LLGL was established in April

Transforming Organ Donation In South Africa LOVE LIFE; GIFT LIFE LLGL was established in April 2016 by four lung transplant recipients and is a registered NPO and PBO. The founding members, Shaylene Perry , Alice Vogt , Fawn Rogers and Siobhan

355 views • 18 slides
Placido topography guided PRK for irregular astigmatism Navid Ardjomand Sehzentrum fr

Placido topography guided PRK for irregular astigmatism Navid Ardjomand Sehzentrum fr

Placido topography guided PRK for irregular astigmatism Navid Ardjomand Sehzentrum fr Augenlaser & Augenchirurgie, Graz Dept. of Ophthalmology, Medical University Graz Financial interests: Consultant for CZM ERLS, Amsterdam May 2018 P

281 views • 10 slides
Single Use Detergent Sacs (SUDS): An Emerging Threat or Novel Nuisance? Canadian Hospitals Injury

Single Use Detergent Sacs (SUDS): An Emerging Threat or Novel Nuisance? Canadian Hospitals Injury

Single Use Detergent Sacs (SUDS): An Emerging Threat or Novel Nuisance? Canadian Hospitals Injury Reporting and Prevention Program (CHIRPP) Multi-Centre Study Daniel Rosenfield, MD 1 , Stephanie VandenBerg, MD 2 , Mohamed Eltorki, MD 2 , Suzanne

332 views • 22 slides
Maintaining Equity in the Marketplace Michelle Wilson 1 Associate Director Division Mandates

Maintaining Equity in the Marketplace Michelle Wilson 1 Associate Director Division Mandates

Weights and Measures Services Division Maintaining Equity in the Marketplace Michelle Wilson 1 Associate Director Division Mandates The Weights and Measures Services Division is charged with: Protecting the integrity of Arizonas

813 views • 48 slides
Linking Indian Fields To The World Presented By: J. Sabaribalan FieldFresh Foods Introduction

Linking Indian Fields To The World Presented By: J. Sabaribalan FieldFresh Foods Introduction

Promoting sustainable & controlled farming by assuring Traceability, Food Safety & Quality Systems, Improving Environmental Performance Linking Indian Fields To The World Presented By: J. Sabaribalan FieldFresh Foods Introduction

508 views • 26 slides
Board of Trustees Project Presentation San Gorgonio Pass Campus Phase I January 21, 2010

Board of Trustees Project Presentation San Gorgonio Pass Campus Phase I January 21, 2010

Board of Trustees Project Presentation San Gorgonio Pass Campus Phase I January 21, 2010 Current Project Participants Mt. San Jacinto Community College District City of Banning Other participants in consideration include: County,

423 views • 18 slides
Crop Breeding and Variety Selection for Soil Health Research-based Practical Guidance for Organic

Crop Breeding and Variety Selection for Soil Health Research-based Practical Guidance for Organic

Crop Breeding and Variety Selection for Soil Health Research-based Practical Guidance for Organic and Transitioning Farmers eOrganic Soil Health and Organic Farming Webinar Series November 14, 2018 Developed and presented by Organic Farming

484 views • 12 slides

More recommend