We investigate some issues related to DNS poisoning, and specifically, an attack that poisons the DNS cache, similar to Kaminsky's attack, but that works even if the resolver selects random ports, as long as the resolver is connected to the Internet via NAT. In particular, we tested the attack for the NetFilter NAT.

For obvious reasons, I prefer at this point to share details only with developers of NAT devices. If you are such a developer, please contact me and I can send you the details (paper). Feel also welcome to forward the messages to individuals/forums which may be relevant (i.e., developers).

I apologize for not being able to promise to respond to requests from people who are just curious (i.e., not NAT developers). Thanks for your understanding.

--
Amir Herzberg
Associate Professor, Dept. of Computer Science
Bar Ilan University
http://AmirHerzberg.com