Speaker
Description
This talk presents a real DNS hijacking incident from last year and how my team traced the issue. We discovered that certain queries to root/.com servers were receiving random, forged responses. To address this, we developed “DNS Traceroute,” a tool that traces the path of DNS queries to identify the source of hijacking, inspired by how Traceroute functions.
This talk was first delivered at the APAC DNS Forum 2024 Pre-Event Webinar (watch here) and received positive feedback. I think it might also interest the OARC community.
Summary
This talk presents a real DNS hijacking incident from last year and how my team traced the issue. We discovered that certain queries to root/.com servers were receiving random, forged responses. To address this, we developed “DNS Traceroute,” a tool that traces the path of DNS queries to identify the source of hijacking, inspired by how Traceroute functions.
| Talk duration | 10 Minutes (+5 for Q&A) |
|---|
