DNS Cache Poisoning - Computerphile

Показать описание

Poisoning the DNS cache is a sure way to serve malware to unsuspecting users. Dr Mike Pound explains some of the ways this has been accomplished.

This video was filmed and edited by Sean Riley.

Рекомендации по теме

Комментарии

Seeing Dr. Pound's eyes light up every time he mentions filling up some random computer with malware gives me so much energy

t

Out of all Computerphile presenters, Dr. Pound, in my opinion, is simply the best! He explanations are bang on and are super easy to grasp. Whenever I see a notification for a video featuring him, I leave everything and start watching it right away.

ittvblog

Dr. Mike Pound's enthusiasm for knowledge is infectious

treyquattro

It's also important to note that DNS happens over UDP (stateless) so there's no 'connection' to check the response against. For example, in TCP, participating computers establish a connection, and the only response for the request that was sent out is accepted by the requesting server.

dexterman

No matter what the subject, I always find myself learning something new from
Dr. Pound.

KSigWyatt

I was looking forward to this video and as always its amazingly explained by Dr.Mike. I couldn't keep it as he left us with a cliffhanger in the last DNS video and searched about it but still his explanation gave me a better and clear understanding of it.. Love his way of teaching <3 !!

UsmanAR

I really like how he says something and it souds like it's insanely fun. And simple enough for almost anyone to understand.

raymondnozomi

Name server poisoning also happened occasionally on accident, due to responding accidently with an incremented query id, possibly poisoning some later random request. Also, if a DNS has DNS level blocking taking place, and it is treated like an authoritative DNS server, it may 'black hole' your request. As in, send you an IP that is invalid and leads no where. This happened to google servers a while back when they accidentally had china servers listed as authoritative, which was causing global traffic to get black holed due to china censorship.

rich

Major props for making this video despite the earthquake you guys were experiencing.

adventurer

The best presenter, I owe so much of my knowledge to this guy and this channel, glad these videos keep coming out !

dbtechprojects

Me: I have to get up early tomorrow.
Dr. Mike Pound: Wanna know something about DNS Cache Poisoning?
Me: Tell me everything!

#sleepis4theweak
oh and nice pen flip at 10:07

_PsychoFish_

Of course Dr. Mike Pound would say that a hacking attack has a "cool" name and is a very "cool" kind of attack.

demonicious_

Thanks for explaining the subject in an easy to understand manner. The next time a client of mine tells me that my recommendation of implementing DNSSEC is "overkill" and "too expensive", I shall point them to this video.

makkurotatsu

I studied computer science about 30 years ago, and would have loved to have had a professor like him. I remember buying my first computer magazine about 1980 aged about 7 and being amazed. I used every penny of my pocket money to buy as many magazines and books as I could up until the age of about 17.

Computers were a different beast then, and the challenges were very different, but I LOVE watching these videos (I no longer program computers) - and I'm in awe of you guys.

NickHobbs

Well explained as usual. But I kept wondering why name servers don’t simply only accept each query ID from the IP address of the authoritative server they sent the query ID to.

I found out the reason is that with UDP you can spoof the source IP

omicronpersei