Labels:text | screenshot | parallel | font | number | line | document OCR: Host www.victim.example.com cormaly trusts the host trustme plain.org whose true IP address Is 10.15 22.3 www.victim example .com http://wwwvictim.example.com 2. Query 1. Attacker's Question: Ip address qname =8.0.16.172in-addr.arpa. 172.16.0.8 qtype= PTR DNS Name =? Durchs example.com 5. Accepts bogus PTR T record and aluns the 4. Caches bad PTR record connection and returns bogus answer to victim 3. Response evildns.example.org Answer: 8.0 16.172 in-addr.arpa PTR trustme.plain.org Authority: waample.org NS wvilots.comp. c.org Additional: enlons.example.org 172.16.0.2 Figure 1. Here an attacker's DNS is authoritative for the 172.16.0 (0.16.172.in-addr.arpa) network. The attacker assigns the inverse address 172.16.0.8 a host name of trustme.plain.org. The intruder con- nects to victim.example.com to exploit the trust relationship it has with trustme.plain.org. The attack is successful because the DNS protocol does not contain any mechanism to prevent owners of inverse address spaces from assigning domain names outside of the authoritative areas.
(2000).iso/netwk/011/davif101.gif){kind=small}
(2000).iso/netwk/011/1p72.gif){kind=link}
(2000).iso/netwk/011/greef201.gif){kind=link}