Network Security: Detailed info on Re: [bugtraq] Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: [bugtraq] Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache

from [Tuc at T-B-O-H.NET] Network Security

[Permanent Link]

Subject:	Re: [bugtraq] Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning
Date:	Fri, 25 Jul 2008 16:09:07 -0400 (EDT)


On FreeBSD 7.0-STABLE (updated on Fri May 23) it fails to create raw 
socket even when running as root:
...
[-] This module is configured to use a raw IP socket. On Unix systems, 
only the root user is allowed to create raw sockets.Please run the 
framework as root to use this module.
 
[*] Attempting to inject poison records for example.com.'s nameservers 
into 202.72.241.4:55088...
[-] Auxiliary failed: undefined method `sendto' for nil:NilClass

        Thats a known issue. May be on any *BSD system, not sure 
about Windows. The authors were alerted, but don't have a time to 
resolution set. I guess Linux is the default of the hack platform. ;)

                Tuc/TBOH

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit, I)ruid Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit, Ganbold [Full-disclosure] Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit, tixxDZ Re: [bugtraq] Re: [Full-disclosure] CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning, Tuc at T-B-O-H.NET <=

Previous by Date:	Re: [Full-disclosure] how to request a cve id?, Fredrick Diggle
Next by Date:	[Full-disclosure] ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability, zdi-disclosures
Previous by Thread:	[Full-disclosure] Re : CAU-EX-2008-0002: Kaminsky DNS Cache Poisoning Flaw Exploit, tixxDZ
Next by Thread:	[Full-disclosure] CAU-EX-2008-0003: Kaminsky DNS Cache Poisoning Flaw Exploit for Domains, I)ruid
Indexes:	[Date] [Thread] [Top] [All Lists]