See this document in CiteSeerX!

Addressing Weaknesses in the Domain Name System Protocol (1993)  (Make Corrections)  (7 citations)
Christoph L. Schuba, Eugene H. Spafford



  Home/Search   Context   Related

 
View or download:
cert.dfn.de/pub/do...DNSmsthesis.ps.gz
ccert.edu.cn/documents/./9428.ps
sjsu.edu/faculty/schuba/pub...94028.ps
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  fermivista.math...ftp.cert.dfn.de (more)
From:  sjsu.edu/faculty/s...publications
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: The Domain Name System (DNS) is a widely implemented distributed database system used throughout the Internet, providing name resolution between host names and Internet Protocol addresses. This thesis describes problems with the DNS and one of its implementations that allow the abuse of name based authentication. This leads to situations where the name resolution process cannot be trusted, and security may be compromised. This thesis outlines the current design and implementation of the DNS. It ... (Update)

Context of citations to this paper:   More

...may have been in vain. Apart from reports that this exact technique was used by hackers many years ago and the reports are quite reliable the paper leaked anyway. We have seen it on at least one Web server, and follow up work by Schuba has been available for quite some time...

...is carried out on the Internet would be impossible. Whilst DNS is a vital service, the security problems posed by using DNS are numerous[7,8]. The main risk surrounds the amount of local information that the DNS can make public. Allowing access to a site s hostnames opens up...

Cited by:   More
An Intrusion Tolerance Approach for Protecting Network.. - Cheung (1999)   (Correct)
A Formal-Specification Based Approach for Protecting the.. - Cheung, Levitt   (Correct)
Applying Military Grade Security to the Internet - Dalton, Griffin (1997)   (Correct)

Similar documents (at the sentence level):
76.3%:   Addressing Weaknesses in the Domain Name System Protocol - Schuba (1993)   (Correct)
14.3%:   Countering Abuse of Name-Based Authentication - Schuba, Spafford (1994)   (Correct)

Active bibliography (related documents):   More   All
0.3:   Transparent Remote Procedure Calls - Abram (1992)   (Correct)
0.2:   Using the Domain Name System for System Break-ins - Bellovin (1995)   (Correct)
0.2:   Security Problems in the TCP/IP Protocol Suite - Bellovin (1989)   (Correct)

Similar documents based on text:   More   All
0.4:   A Replicated Architecture for the Domain Name System - Kangasharju, Ross (2000)   (Correct)
0.3:   DNS Security - Lioy, Maino, Marian, Mazzocchi (2000)   (Correct)
0.3:   Management of Drug Overdose and Poisoning - Moh Clinical Practice   (Correct)

Related documents from co-citation:   More   All
8:   Computer Emergency Response Team Advisory (context) - CA- - 1989
4:   Security problems in the TCP/IP protocol suite - Bellovin - 1989
4:   DNS and BIND security issues (context) - Vixie - 1995

BibTeX entry:   (Update)

Christoph L. Schuba. Addressing Weaknesses in the Domain Name System Protocol. Master's thesis, Purdue University, West Lafayette, IN, August 1993. http://citeseer.ist.psu.edu/schuba93addressing.html   More

@techreport{ schuba93addressing,
    author = "Christoph L. Schuba and Eugene H. Spafford",
    title = "Addressing Weaknesses in the Domain Name System Protocol",
    year = "1993",
    url = "citeseer.ist.psu.edu/schuba93addressing.html" }
Citations (may not include all citations):
1529   A Method for Obtaining Digital Signatures and Public Key Cry.. - Rivest, Shamir et al. - 1978
373   UNIX Network Programming (context) - Stevens - 1990
317   Kerberos: An Authentication Service for Open Network Systems - Steiner, Neuman et al. - 1988
267   Internetworking with TCP/IP (context) - Comer - 1991
261   Modern Operating Systems (context) - Tanenbaum - 1992
191   Englewood Cliffs (context) - Bertsekas, Gallager et al. - 1992
98   RFC-1320 The MD4 Message-Digest Algorithm (context) - Rivest - 1992
98   RFC-1321 The MD5 Message-Digest Algorithm (context) - Rivest - 1992
78   Security Problems in the TCP/IP Protocol Suite - Bellovin - 1989
59   Practical UNIX Security (context) - Garfinkel, Spafford - 1991
53   The Internet Worm Program: An Analysis - Spafford - 1988
52   Reflections on Trusting Trust (context) - Thompson - 1984
51   Cryptography and Data Security (context) - Denning - 1982
51   DNS and BIND (context) - Albitz, Liu - 1992
49   Internet Privacy Enhanced Mail (context) - Kent - 1993
37   RFC-882 Domain Names - Concepts and Facilities (context) - Mockapetris - 1983
37   RFC-1034 Domain Names - Concepts and Facilities (context) - Mockapetris - 1987
36   RFC-1422 Privacy Enhancement for Internet Electronic Mail: P.. (context) - Kent - 1993
27   RFC-883 Domain Names - Implementation and Specification (context) - Mockapetris - 1983
27   RFC-1035 Domain Names - Implementation and Specification (context) - Mockapetris - 1987
27   Using the Domain Name System for System Breakins - Bellovin - 1990
23   An Analysis of WideArea Name Server Traffic - Danzig, Obraczka et al. - 1992
17   Internet System Handbook (context) - Lynch, Rose - 1993
16   There Be Dragons - Bellovin - 1992
12   IP Network Administration (context) - Hunt - 1992
11   manual pages (context) - Microsystems - 1991
11   RFC-1319 The MD2 Message-Digest Algorithm (context) - Kaliski - 1992
6   Name Server Operations Guide for BIND - Dunlap, Karels - 1984
5   Pseudo-Network Drivers and Virtual Networks - Bellovin - 1990
5   Computing Science Technical Report No (context) - Morris, in et al. - 1985
3   Xerox Corporation (context) - Merkle - 1989
3   AddisonWesley Publishing Company (context) - Coulouris, Dollimore - 1988
2   Carl Hanser Verlag Munchen Wien (context) - Kernighan, Ritchie - 1988
2   Internet Domain Survey Apr (context) - Lottor - 1993
2   A Secure System for Applications in a Multi-vendor Environme.. (context) - Parker - 1991
2   Auditing the SNA/SNI Environment (context) - Paans, de Lange - 1991
2   The greatest cracker-case in Denmark: The detecting (context) - Madsen - 1992
2   RFC-1123 Requirements for Internet Hosts -- Application and .. (context) - Mockapetris - 1989
1   The Cuckoo's Egg: Tracing a Spy Through the Maze of Computer.. (context) - Stoll - 1989



The graph only includes citing articles where the year of publication is known.

Documents on the same site (http://fermivista.math.jussieu.fr/ftp/ftp.cert.dfn.de.html):   More
Directed Acyclic Graphs, One-way Functions and Digital.. - Bleichenbacher, Maurer   (Correct)
The Magic Words Are Squeamish Ossifrage (Extended Abstract) - Atkins, Graff, Lenstra..   (Correct)
Some Remarks on Protecting Weak Keys and Poorly-Chosen Secrets.. - Gene Tsudik (1993)   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC