Article 6K99C Huston: KeyTrap!

Huston: KeyTrap!

by
corbet
from LWN.net on (#6K99C)
Geoff Huston digs into thedetails of the KeyTrap DNS vulnerability, which was disclosed in February.

It's by no means "[devastating]" for the DNS, and the fix is much thesame as the previous fix. As well as limiting the number of queriesthat a resolver can generate to resolve a queried name, a carefulresolver will limit both the elapsed time and perhaps the amount ofthe resolver's processing resources that are used to resolve anysingle query name.

It's also not a novel discovery by the ATHENE folk. Thevulnerability was described five years ago by a student at theUniversity of Twente. I guess the issue was that the student failedto use a sufficient number of hysterical adjectives in describingthis DNS vulnerability in the paper!

External Content
Source RSS or Atom Feed
Feed Location http://lwn.net/headlines/rss
Feed Title LWN.net
Feed Link https://lwn.net/
Reply 0 comments