ordinary dns
play

Ordinary DNS: www.google.com A? Client's k.root-servers.net com. - PowerPoint PPT Presentation

Dec 10, 2022 •241 likes •375 views

Ordinary DNS: www.google.com A? Client's k.root-servers.net com. NS a.gtld-servers.net Resolver a.gtld-servers.net A 192.5.6.30 www.google.com A? Client's a.gtld-servers.net google.com. NS ns1.google.com Resolver ns1.google.com A

  1. Ordinary DNS: www.google.com A? Client's k.root-servers.net com. NS a.gtld-servers.net Resolver a.gtld-servers.net A 192.5.6.30 … www.google.com A? Client's a.gtld-servers.net google.com. NS ns1.google.com Resolver ns1.google.com A 216.239.32.10 … www.google.com A? Client's ns1.google.com www.google.com. A 74.125.24.14 Resolver …

  2. DNSSEC (with simplifications): www.google.com A? DO Client's k.root-servers.net com. NS a.gtld-servers.net Resolver a.gtld-servers.net. A 192.5.6.30 … com. DS description-of-com's-key com. RRSIG DS signature-of-that- DS -record-using-root's-key Delegation Signer identifies .com 's public key (name and hash)

  3. DNSSEC (with simplifications): www.google.com A? DO Client's k.root-servers.net com. NS a.gtld-servers.net Resolver a.gtld-servers.net. A 192.5.6.30 … com. DS description-of-com's-key com. RRSIG DS signature-of-that- DS -record-using-root's-key Retrieving .com 's public key is complicated (actually involves multiple keys) …

  4. DNSSEC (with simplifications): www.google.com A? DO Client's k.root-servers.net com. NS a.gtld-servers.net Resolver a.gtld-servers.net. A 192.5.6.30 … com. DS description-of-com's-key com. RRSIG DS signature-of-that- DS -record-using-root's-key RRSIG specifies signature over another RR … here, the above DS record

  5. DNSSEC (with simplifications): www.google.com A? DO Client's k.root-servers.net com. NS a.gtld-servers.net Resolver a.gtld-servers.net. A 192.5.6.30 … com. DS description-of-com's-key com. RRSIG DS signature-of-that- DS -record-using-root's-key Note: no signature over NS or A !

  6. DNSSEC (with simplifications): www.google.com A? DO Client's a.gtld-servers.net google.com. NS ns1.google.com Resolver ns1.google.com. A 216.239.32.10 … google.com. DS description-of- google.com's-key google.com. RRSIG DS signature- of-that- DS -record-using-com's-key

  7. DNSSEC (with simplifications): www.google.com A? DO Client's ns1.google.com www.google.com. A 74.125.24.14 Resolver … www.google.com. RRSIG A signature-of-the- A -records-using- google.com's-key

  8. DNSSEC - Mallory attacks! www.google.com A? DO Client's ns1.evil.com www.google.com. A 6.6.6.6 Resolver Resolver observes that the reply didn't include a signature, rejects it as insecure

  9. DNSSEC - Mallory attacks! www.google.com A? DO Client's ns1.evil.com www.google.com. A 6.6.6.6 Resolver www.google.com RRSIG A signature-of-the- A -record-using- evil.com's-key (1) If resolver didn't receive a signature from .com for evil.com 's key, then it can't validate this signature & ignores reply since it's not properly signed …

  10. DNSSEC - Mallory attacks! www.google.com A? DO Client's ns1.evil.com www.google.com. A 6.6.6.6 Resolver www.google.com RRSIG A signature-of-the- A -record-using- evil.com's-key (2) If resolver did receive a signature from .com for evil.com 's key, then it knows the key is for evil.com and not google.com … and ignores it

  11. DNSSEC - Mallory attacks! www.google.com A? DO Client's ns1.evil.com www.google.com. A 6.6.6.6 Resolver www.google.com RRSIG A signature-of-the- A -record-using- google.com's-key If signature actually comes from google.com 's key, resolver will believe it … … but no such signature should exist unless either: (1) google.com 's private key was compromised, or (2) google.com intended to sign the RR

  12. 69-byte query

  13. 3419-byte reply

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Preference Defenses: New Value Ordinary Preference Defenses: New Value, Ordinary Course and

Preference Defenses: New Value Ordinary Preference Defenses: New Value, Ordinary Course and

Presenting a live 90 minute webinar with interactive Q&A Preference Defenses: New Value Ordinary Preference Defenses: New Value, Ordinary Course and Contemporaneous Exchange Managing the Audit Process, Mitigating Regulatory Sanctions, and

893 views • 52 slides
8. Ordinary Differential Equations Indispensable for many technical applications! 8. Ordinary

8. Ordinary Differential Equations Indispensable for many technical applications! 8. Ordinary

Introduction Approximation of IVP with FD Consistency and Convergence Multistep Methods Stiff Problems Applications 8. Ordinary Differential Equations Indispensable for many technical applications! 8. Ordinary Differential Equations

575 views • 30 slides
Everything You Need To Know About The Ordinary Course of Business Preference Defense, And

Everything You Need To Know About The Ordinary Course of Business Preference Defense, And

Everything You Need To Know About The Ordinary Course of Business Preference Defense, And More! By: Bruce S. Nathan, Esq. David M. Banker, Esq. Terence D. Watson, Esq. Abstract Congress enacted the ordinary course of business defense

555 views • 18 slides
The basic difference between an ordinary man and a warrior is that a warrior takes everything

The basic difference between an ordinary man and a warrior is that a warrior takes everything

The basic difference between an ordinary man and a warrior is that a warrior takes everything as a challenge while an ordinary man takes everything as a blessing or a curse. Tales of Power by Carlos Castaneda RULE 4.2: COMMUNICATION WITH

262 views • 24 slides
Concepts and Algorithms of Scientific and Visual Computing Ordinary Di ff erential Equations

Concepts and Algorithms of Scientific and Visual Computing Ordinary Di ff erential Equations

Concepts and Algorithms of Scientific and Visual Computing Ordinary Di ff erential Equations CS448J, Autumn 2015, Stanford University Dominik L. Michels Cauchy-Kovalevskaya and Picard-Lindel of Theorem Consider the ordinary di ff

441 views • 8 slides
Math 217 - November 29, 2010 Series Solutions 1. What is an ordinary point? 2. What is a

Math 217 - November 29, 2010 Series Solutions 1. What is an ordinary point? 2. What is a

Math 217 - November 29, 2010 Series Solutions 1. What is an ordinary point? 2. What is a singular point? 3. Why do we care about ordinary points and singular points? 4. If you find a series solution at an ordinary point, what can you say

332 views • 8 slides
Annual General Meeting 4 June 2018 2 ORDINARY RESOLUTIONS 1 To confirm Mr DM Ramaphosas

Annual General Meeting 4 June 2018 2 ORDINARY RESOLUTIONS 1 To confirm Mr DM Ramaphosas

Annual General Meeting 4 June 2018 2 ORDINARY RESOLUTIONS 1 To confirm Mr DM Ramaphosas appointment as Non-Executive Director OR ORDINARY RES ESOL OLUTION ON NO. O. 2 Retirement and re-election of Prof RH Stumpf as Non-Executive

739 views • 42 slides
Parallel Numerical Algorithms Chapter 7 Differential Equations Section 7.1 Ordinary

Parallel Numerical Algorithms Chapter 7 Differential Equations Section 7.1 Ordinary

Ordinary Differential Equations Parallel Numerical Algorithms Chapter 7 Differential Equations Section 7.1 Ordinary Differential Equations Michael T. Heath Department of Computer Science University of Illinois at Urbana-Champaign CS

313 views • 12 slides
JUST THE MATHS SLIDES NUMBER 15.5 ORDINARY DIFFERENTIAL EQUATIONS 5 (Second order

JUST THE MATHS SLIDES NUMBER 15.5 ORDINARY DIFFERENTIAL EQUATIONS 5 (Second order

JUST THE MATHS SLIDES NUMBER 15.5 ORDINARY DIFFERENTIAL EQUATIONS 5 (Second order equations (B)) by A.J.Hobson 15.5.1 Non-homogeneous differential equations 15.5.2 Determination of simple particular integrals UNIT 15.5 - ORDINARY

97 views • 8 slides
On the ordinary part of the Shareholders Meeting Approval of ALSTOMs financial statements

On the ordinary part of the Shareholders Meeting Approval of ALSTOMs financial statements

ALSTOM ORDINARY AND EXTRAORDINARY SHAREHOLDERS MEETING 26 JUNE 2012 PRESENTATION OF THE RESOLUTIONS All the information that must be published within the framework of this Shareholders Meeting pursuant to Article R 225-73-1 of the French

328 views • 11 slides
JUST THE MATHS SLIDES NUMBER 15.10 ORDINARY DIFFERENTIAL EQUATIONS 10 (Simultaneous

JUST THE MATHS SLIDES NUMBER 15.10 ORDINARY DIFFERENTIAL EQUATIONS 10 (Simultaneous

JUST THE MATHS SLIDES NUMBER 15.10 ORDINARY DIFFERENTIAL EQUATIONS 10 (Simultaneous equations (C)) by A.J.Hobson 15.10.1 Matrix methods for non-homogeneous systems UNIT 15.10 - ORDINARY DIFFERENTIAL EQUATIONS 10 SIMULTANEOUS

328 views • 13 slides
Development of SML# making ML an ordinary practical languaage . . . . . Atsushi Ohori

Development of SML# making ML an ordinary practical languaage . . . . . Atsushi Ohori

. . Development of SML# making ML an ordinary practical languaage . . . . . Atsushi Ohori joint work with Katsuhiro Ueno , Tohoku University Atsushi Ohori Development of SML# making ML an ordinary practical language 1 / 59

1.25k views • 79 slides
When an ordinary man attains knowledge, he becomes a sage. When a sage attains knowledge, he

When an ordinary man attains knowledge, he becomes a sage. When a sage attains knowledge, he

When an ordinary man attains knowledge, he becomes a sage. When a sage attains knowledge, he becomes an ordinary man. -Zen saying Lymphatic System Lesson Plan: Lymphatic System 5 minutes: Breath of Arrival and Attendance 5

743 views • 41 slides
Population Modeling with Ordinary Differential Equations Michael J. Coleman November 6, 2006

Population Modeling with Ordinary Differential Equations Michael J. Coleman November 6, 2006

Population Modeling with Ordinary Differential Equations Michael J. Coleman November 6, 2006 Abstract Population modeling is a common application of ordinary differential equations and can be studied even the linear case. We will investigate

168 views • 13 slides
JUST THE MATHS SLIDES NUMBER 15.7 ORDINARY DIFFERENTIAL EQUATIONS 7 (Second order

JUST THE MATHS SLIDES NUMBER 15.7 ORDINARY DIFFERENTIAL EQUATIONS 7 (Second order

JUST THE MATHS SLIDES NUMBER 15.7 ORDINARY DIFFERENTIAL EQUATIONS 7 (Second order equations (D)) by A.J.Hobson 15.7.1 Problematic cases of particular integrals UNIT 15.7 - ORDINARY DIFFERENTIAL EQUATIONS 7 SECOND ORDER EQUATIONS (D)

302 views • 9 slides
JUST THE MATHS SLIDES NUMBER 15.3 ORDINARY DIFFERENTIAL EQUATIONS 3 (First order

JUST THE MATHS SLIDES NUMBER 15.3 ORDINARY DIFFERENTIAL EQUATIONS 3 (First order

JUST THE MATHS SLIDES NUMBER 15.3 ORDINARY DIFFERENTIAL EQUATIONS 3 (First order equations (C)) by A.J.Hobson 15.3.1 Linear equations 15.3.2 Bernouillis equation UNIT 15.3 - ORDINARY DIFFERENTIAL EQUATIONS 3 FIRST ORDER

276 views • 11 slides
dnstap-whoami Robert Edmonds (edmonds@fsi.io) Farsight Security, Inc. Intro DNS nameservers

dnstap-whoami Robert Edmonds (edmonds@fsi.io) Farsight Security, Inc. Intro DNS nameservers

dnstap-whoami Robert Edmonds (edmonds@fsi.io) Farsight Security, Inc. Intro DNS nameservers that return custom responses Diagnostics Experimentation Result passed through to the original client Examples: DNS whoami

265 views • 25 slides
ITS TIME FOR THE RESOLUTION TIM VERBELEN Senior Researcher imec Ghent University 1

ITS TIME FOR THE RESOLUTION TIM VERBELEN Senior Researcher imec Ghent University 1

ITS TIME FOR THE RESOLUTION TIM VERBELEN Senior Researcher imec Ghent University 1 PUBLIC ! could not resolve the bundles: [ that.awesome.library.i.found -1.0.0 org.osgi.framework.BundleException: Unable to resolve

1.13k views • 32 slides
The Effect of DNS on Tors Anonymity Benjamin Greschbach KTH Royal Institute of Technology

The Effect of DNS on Tors Anonymity Benjamin Greschbach KTH Royal Institute of Technology

The Effect of DNS on Tors Anonymity Benjamin Greschbach KTH Royal Institute of Technology Tobias Pulls Karlstad University Laura M. Roberts Princeton University Philipp Winter Princeton University Nick Feamster Princeton University 1

438 views • 42 slides
11/2/2018 Nattawoot Koowattanatianchai 1 Investment Analysis & Portfolio Management

11/2/2018 Nattawoot Koowattanatianchai 1 Investment Analysis & Portfolio Management

11/2/2018 Nattawoot Koowattanatianchai 1 Investment Analysis & Portfolio Management Assistant Professor Nattawoot Koowattanatianchai, DBA, CFA 11/2/2018 Nattawoot Koowattanatianchai 2 Em Email: : fbusn snwk@k wk@ku. u.ac.

746 views • 42 slides
Welcome! Office Hours will start at 2pm and run until 3pm Please mute your microphone As time

Welcome! Office Hours will start at 2pm and run until 3pm Please mute your microphone As time

I-SHARE ALMA PRIMO VE OFFICE HOURS WILL START SHORTLY Welcome! Office Hours will start at 2pm and run until 3pm Please mute your microphone As time permits, we will respond to questions typed in the chat box, and offline afterwards, as needed

298 views • 9 slides
Using R to Analyze Recruiting Pipelines Maryam Jahanshahi Scientist @ TapRecruit @mjahanshahi

Using R to Analyze Recruiting Pipelines Maryam Jahanshahi Scientist @ TapRecruit @mjahanshahi

Using R to Analyze Recruiting Pipelines Maryam Jahanshahi Scientist @ TapRecruit @mjahanshahi Jenny Dearborn @ DearbornJenny If you were to ask your CFO to make a decision, she would rely on facts, not opinions. In contrast, for years, the HR

307 views • 12 slides
The Evolving Architecture of the Web Nick Sullivan Head of Cryptography CFSSL Universal SSL

The Evolving Architecture of the Web Nick Sullivan Head of Cryptography CFSSL Universal SSL

The Evolving Architecture of the Web Nick Sullivan Head of Cryptography CFSSL Universal SSL Keyless SSL Privacy Pass Geo Key Manager Recently Standards work TLS 1.3 C on peting Goals make browsing more performant private HTTP DNS

789 views • 77 slides
Secrets Management in Mesos Vinod Kone ( vinodkone@apache.org ) MesosCon EU 2017 About me

Secrets Management in Mesos Vinod Kone ( vinodkone@apache.org ) MesosCon EU 2017 About me

Secrets Management in Mesos Vinod Kone ( vinodkone@apache.org ) MesosCon EU 2017 About me Apache Mesos PMC and Committer Engineering Manager for Mesos team @ Mesosphere Previously Tech Lead for Mesos team @ Twitter PhD in

397 views • 27 slides

More recommend