author | Camil Staps | 2015-10-13 20:59:20 +0200 |
---|---|---|
committer | Camil Staps | 2015-10-13 20:59:20 +0200 |
commit | 5667cc3df79242093f6fe56521785b7b28b45005 (patch) | |
tree | 4c7340b4a16f2b2960e6d6480cdfd82e29d072c4 /netsec-assignment5-S4498062/exercise3/exercise3a | |
parent | Finish assignment 4 (diff) |
Diffstat (limited to 'netsec-assignment5-S4498062/exercise3/exercise3a')
-rw-r--r-- | netsec-assignment5-S4498062/exercise3/exercise3a | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/netsec-assignment5-S4498062/exercise3/exercise3a b/netsec-assignment5-S4498062/exercise3/exercise3a new file mode 100644 index 0000000..fd9364a --- /dev/null +++ b/netsec-assignment5-S4498062/exercise3/exercise3a @@ -0,0 +1,26 @@ +We query a non-existing domain which likely isn't in the cache already (that is, +a random string as subdomain). For example, we might query for: + +$ dig eWVwLCB0aGlzIGlzIGJhc2U2NC4u.blackboard.ru.nl + +Then we race the actual DNS server to provide this response: + + ;; ANSWER SECTION: + eWVwLCB0aGlzIGlzIGJhc2U2NC4u.blackboard.ru.nl. 120 IN A 10.10.10.10 + + ;; AUTHORITY SECTION: + blackboard.ru.nl. 86400 IN NS ourns.blackboard.ru.nl. + + ;; ADDITIONAL SECTION: + ourns.blackboard.ru.nl. 604800 IN A 10.10.10.20 + +Here, 10.10.10.20 would be our address. The cache will now ask stuff about +blackboard.ru.nl to our nameserver which he thinks is at ourns.blackboard.ru.nl. + +Thus by simply requesting + +$ dig blackboard.ru.nl + +and sending back an incorrect A record for blackboard.ru.nl from 10.10.10.20, we +have spoofed the cache. + |
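Review bot: The sentence "Then we race the actual DNS server to provide this response" does not say what the cache checks before accepting a response, so the answer reads as if whichever packet arrives first is cached. State that the forged response is stored only if it passes the resolver's validation of the outstanding query, and that the AUTHORITY and ADDITIONAL records are accepted because they lie inside the blackboard.ru.nl zone the query was for. In the paragraph after the ADDITIONAL SECTION, "ask stuff about" and "which he thinks" are imprecise; say instead that the cache sends later queries for blackboard.ru.nl to 10.10.10.20 because it stored the NS and glue records. The file also ends with an empty added line, which can be dropped.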