OARC 2015 Spring Workshop (Amsterdam)

Name: OARC 2015 Spring Workshop (Amsterdam)
Start: 2015-05-09T08:30:00+02:00
End: 2015-05-10T18:00:00+02:00
Location: Okura Hotel

9–10 May 2015

Okura Hotel

Europe/Amsterdam timezone

Support

A countermeasure of random subdomain attacks (Aggressive negative caching with NSEC)

9 May 2015, 13:50

30m

Heian I/II (Okura Hotel)

Heian I/II

Okura Hotel

Ferdinand Bolstraat 333 1072 LH Amsterdam

Public Workshop

Mr Kazunori Fujiwara (Japan Registry Services Co., Ltd)

Random sub-domain attacks (also called as "Water Torture" attacks) send many non-existent queries to full resolvers. Negative cache does not work well because query names vary. However, NSEC resource records contain non-existent name ranges. Aggressive negative caching using NSEC resource records may be a countermeasure of random sub-domain attacks for signed domains. The presentation will explain a proposal of a protocol change, attack tool, a patch to Unbound, and an experiment result. It also decrease non-existent TLD queries to root DNS servers. (about 20 minutes without questions)

Mr Kazunori Fujiwara (Japan Registry Services Co., Ltd)

Slides

fujiwara-12.pdf

OARC 2015 Spring Workshop (Amsterdam)

Support

A countermeasure of random subdomain attacks (Aggressive negative caching with NSEC)

Heian I/II

Okura Hotel

Speaker

Description

Primary author

Presentation materials

Choose timezone

OARC 2015 Spring Workshop (Amsterdam)

Support

Speaker

Description

Primary author

Presentation materials