DNS Measurement at a Root Server Nevil Brownlee, kc Claffy and Evi Nemeth Presented by Zhengxiang Pan Mar. 27 th, 2003.

Slides:



Advertisements
Similar presentations
Name Server Tri Wahyuddin Tryawan Hendra Septian.
Advertisements

Code-Red : a case study on the spread and victims of an Internet worm David Moore, Colleen Shannon, Jeffery Brown Jonghyun Kim.
IPv6 – IPv4 Network Address, Port & Protocol Translation & Multithreaded DNS Gateway Navpreet Singh, Abhinav Singh, Udit Gupta, Vinay Bajpai, Toshu Malhotra.
Sergei Komarov. DNS  Mechanism for IP hostname resolution  Globally distributed database  Hierarchical structure  Comprised of three components.
NetScanTools ® LE Law Enforcement Version of NetScanTools ® from Northwest Performance Software, Inc. netscantools.com.
IPv6 seen from DNS Dr. WANG Xin, CNNIC Labs 25 Aug 2009.
1 Reading Log Files. 2 Segment Format
DHCP Security Analysis Dallas Holmes / Matt MacClary ECE 478 Project Spring 2003.
DNS, Web, TCP Sequence Numbers EE122 Discussion 10/19/2011.
Statistical Analysis of Malformed Packets and Their Origins in the Modern Internet NETREAD UC Berkeley George Porter Oct 4, 2002.
Hitesh Ballani, Paul Francis(Cornell University) Presenter: Zhenhua Liu Date: Mar. 16 th, 2009.
Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing Base on RFC 2827 Lector Kirill Motul.
CLIENT / SERVER ARCHITECTURE AYRİS UYGUR & NİLÜFER ÇANGA.
McGraw-Hill©The McGraw-Hill Companies, Inc., Chapter 25 Domain Name System.
Hands-On Microsoft Windows Server 2003 Networking Chapter 6 Domain Name System.
Lesson 20 – OTHER WINDOWS 2000 SERVER SERVICES. DHCP server DNS RAS and RRAS Internet Information Server Cluster services Windows terminal services OVERVIEW.
Hands-On Microsoft Windows Server 2003 Networking Chapter 7 Windows Internet Naming Service.
DNS: Revising the Current Protocol Matt Gustafson Matt Weaver CS522 Computer Communications University of Colorado, Colorado Springs.
Exam Review Networking CS 3470, Section 1 Sarah Diesburg.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 19 Domain Name System (DNS)
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Domain Name System ( DNS )  DNS is the system that provides name to address mapping for the internet.
TCP/IP Protocol Suite 1 Chapter 17 Upon completion you will be able to: Domain Name System: DNS Understand how the DNS is organized Know the domains in.
1 Secure DNS Solutions Rooster. 2 Introduction What does security mean for DNS? What security problems exist for DNS, what is being done about them, and.
Pro Exchange SPAM Filter An Exchange 2000 based spam filtering solution.
Layer 2 Security – No Longer Ignored Security Possibilities at Layer 2 Allan Alton, BSc CISA CISSP NetAnalyst UBC October 18, 2007.
A question of protocol Geoff Huston APNIC 36. Originally there was RFC791: “All hosts must be prepared to accept datagrams of up to 576 octets (whether.
Support Protocols and Technologies. Topics Filling in the gaps we need to make for IP forwarding work in practice – Getting IP addresses (DHCP) – Mapping.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 8 – Denial of Service.
Chapter 16 – DNS. DNS Domain Name Service This service allows client machines to resolve computer names (domain names) to IP addresses DNS works at the.
Petrozavodsk State University, Alex Moschevikin, 2003NET TECHNOLOGIES Domain Name System HISTORY File hosts (the size of Internet became more than 1000.
DNS: Domain Name System
Architecture of DNS CS 718 Activity 4 Submitted by Parag Abhyankar Anup S. Kunte
COMP210 DNS Module Domain Name Service Dr Ahmad Al-Zubi.
25.1 Chapter 25 Domain Name System Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Network Protocols Chapter 25 (Data Communication & Networking Book): Domain Name System (DNS) 1.
Chapter 17 Domain Name System
TCP/IP Protocol Suite 1 Chapter 17 Upon completion you will be able to: Domain Name System: DNS Understand how the DNS is organized Know the domains in.
Domain Name System CH 25 Aseel Alturki
October 8, 2015 University of Tulsa - Center for Information Security Microsoft Windows 2000 DNS October 8, 2015.
DNS Security Pacific IT Pros Nov. 5, Topics DoS Attacks on DNS Servers DoS Attacks by DNS Servers Poisoning DNS Records Monitoring DNS Traffic Leakage.
1 Chapter 7: NAT in Internet and Intranet Designs Designs That Include NAT Essential NAT Design Concepts Data Protection in NAT Designs NAT Design Optimization.
Development of the domain name system Baoning Wu 01/30/2003.
Naming March 8, Networks What is naming?  Associations between some elements in a set of names and some elements in a set of values  Binding.
1 Kyung Hee University Chapter 18 Domain Name System.
Distributed Denial of Service Attacks Shankar Saxena Veer Vivek Kaushik.
Domain Name System Refs: Chapter 9 RFC 1034 RFC 1035.
DNS SRV and NAPTR Use for SPEERMINT - Tom Creighton, Gaurav Khandpur Comcast SPEERMINT Intermin Meeting Philadelphia Sept
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 19 Domain Name System (DNS)
Chapter 7 Denial-of-Service Attacks Denial-of-Service (DoS) Attack The NIST Computer Security Incident Handling Guide defines a DoS attack as: “An action.
* Agenda  What is the DNS ?  Poisoning the cache  Short term solution  Long term solution.
DNS Cache Poisoning. History 1993 – DNS protocol allowed attacker to inject false data which was then cached 1997 – BIND 16-bit transaction ids not randomized,
Advanced Packet Analysis and Troubleshooting Using Wireshark 23AF
McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Chapter 18 Domain Name System (DNS)
Chapter 38 Initialization & Configuration. Bootstrapping occurs during boot up to obtain boot program which may then load operating system may use network.
TCP/IP Protocol Suite 1 Chapter 17 Upon completion you will be able to: Domain Name System: DNS Understand how the DNS is organized Know the domains in.
1 Pertemuan 23 Overview of Transport Layer Ports.
Domain Name System DPNM Lab. Seongho Cho
Short Intro to DNS (part of Tirgul 9) Nir Gazit. What is DNS? DNS = Domain Name System. For translation of host names to IPs. A Distributed Database System.
End-host IP: MAC: 11:11:11:11:11 gateway IP: MAC: 22:22:22:22:22 Google server IP: interne t interface DNS server IP:
This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.
11 MAINTAINING A NETWORK INFRASTRUCTURE Chapter 9.
Monitoring, analyzing and cleaning DNS configuration errors across European NRENs Slavko Gajin University of Belgrade, Serbia
Using Digital Signature with DNS. DNS structure Virtually every application uses the Domain Name System (DNS). DNS database maps: –Name to IP address.
Security Issues with Domain Name Systems
What’s the relationship here?
Chapter 25 Domain Name System
Chapter 25 Domain Name System
Domain Name System: DNS
Presentation transcript:

DNS Measurement at a Root Server Nevil Brownlee, kc Claffy and Evi Nemeth Presented by Zhengxiang Pan Mar. 27 th, 2003

Introduction DNS: Domain Name System BIND: Berkeley Internet Name Domain System clientLocal Name ServerRoot Server Local Name Server UDP

Methodology Passive capture DNS packets at F.root-server.net Use Tcpdump & Error logs

Results A. query rate Responds 93% of the input packets.

B1. Repeated queries –Maybe the results of a broken nameserver or a broken client. B2. Private Address Space –About 7% of the queries are asking for hostname associated with an RFC 1918 address. –2% - 3% of the queries have the source IP address in RFC 1918 space. Error taxonomy

B3. Top Level Domains –In 1 hour trace of Jan. 7, 2001: –16.5% of the servers asked only INVALID TLD –37.1% of the servers asked at least one INVALID TLD

Error taxonomy B4. Bogus A Queries –A query: hostname  IP address –12-18% A queries target IP address B5. Source Port Zero –Port 0 is reserved and not valid in UDP / TCP. –Root servers never answer queries from port 0

Error Taxonomy B6. Dynamic Updates –DHCP can dynamic update local nameserver, should not try to update root servers.

Results Attacks –Spoofing source IP, using root server as reflector, flooding the attack target with answers it did not ask. –Scanning IP space. Microsoft’s DNS woes –Jan. 24, 2001 Microsoft nameserves down, query load for Microsoft names go to over 25% of the total query load.

Summary Percentages of servers have bad behaviors: –13% bogus A query –35% invalid TLD –35% leaking internal information Strategy –Diagnose and repair bugs in implementation –Deploy negative answers

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.