Dear colleagues,
This article by Petr Špaček of CZ.NIC describes a newly discovered DNS
protocol vulnerability that affects all recursive DNS resolvers.
NXNSAttack allows the execution of random subdomain attacks using the
DNS delegation mechanism, resulting in a big packet amplification factor.
This is not a “newly discovered vulnerability. This was presented at DNS OARC
21 by Florian Maury
in 2015
https://indico.dns-oarc.net/event/21/contributions/301/attachments/272/492/slides.pdf,
and also details the fixes applied to resolvers at the time.
As Florian also points out the generic vul
Hi Geoff
On Thu, May 21, 2020 at 05:49:43AM +1000, Geoff Huston wrote:
> This is not a “newly discovered vulnerability. This was presented at DNS OARC
> 21 by Florian Maury
> in 2015
> https://indico.dns-oarc.net/event/21/contributions/301/attachments/272/492/slides.pdf,
> and also details the f
