2008-07-23 – Kaminsky's DNS hack

👤beezari posted a copy of the leaked Matasano explanation of Kaminsky's new DNS attack. I believe the explanation isn't quite right. In his interview in the WIRED Threat Level blog Kaminsky mentions that the attack relies on CNAMEs. This means that it does not depend on glue nor on additional section processing, which is what Matasano described. I believe the real explanation is...

$ md5 <~/doc/kaminsky

⇐ 2008-07-23 ⇐ A ratelimit idea ⇐ ⇒ ClamAV aargh ⇒ 2008-07-24 ⇒