Abstract
In article [1] we presented the results of analysis of well-known weakness of some DNS servers: poor quality of pseudo-random numbers generators (PRNG), which makes it possible to hack them using the birthday attack. In this article we present extended analysis of current DNS servers: DNS build in Windows 2003 server with SP2, DNS from Windows 2008 server with SP2 and Bind ver. 9.0.p1, comparing the old ones. The analysis included the following tests of randomness: Median Runs Test, Quartile Runs Test, Runs Test for Characters and Symmetry Test and tests of autocorrelation: significance of first order autocorrelation and the test χ 2 of conformity with uniform distribution as well as test of frequency of occurrence of particular values and frequency of occurrence of pairs of values.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Szmit, A., Tomaszewski, M., Szmit, M.: Domain Name Servers’ Pseudo-Random Number Generators and DNS Cache Poisoning Attack. Polish Journal of Environmental Studies 15(4C), 184–187 (2006)
Stephard, J.: DNS Cache Poisoning – the Next Generation, http://www.lurhq.com/dnscache.pdf
Mockapetris, P.V.: Domain Names: Concepts and Facilities. RFC 882, ftp://ftp.rfc-editor.org/in-notes/rfc882.txt
Mockapetris, P.V.: Domain Names: Implementation Specification. RFC 883, ftp://ftp.rfc-editor.org/in-notes/rfc883.txt
Zalewski, M.: Strange Attractors and TCP/IP Sequence Number Analysis, http://lcamtuf.coredump.cx/newtcp/
Tian, J., Gu, D., Lu, H.: A Solution for Packet Validity Check Against DNS Cache Poisoning. Communications Technology, 43(08(224)), 146–151 (2010)
Dagon, D., Antonakakis, M., Day, K., Luo, X., Lee, C.P., Lee, W.: Recursive DNS Architectures and Vulnerability Implications. In: NDSS Symposium 2009, San Diego (2009)
Domanski, C.: Statystyczne testy nieparametryczne. PWE Warszawa (1979)
Edington, E.S.: Table for Number of Runs of Signs of First Differences in Ordered Series. Journal of the American Statistical Association (1961)
Hanke, J.E., Reitsch, A.G.: Business Forecasting (Hardcover). Prentice-Hall, Englewood Cliffs (1998)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Szmit, M., Szmit, A. (2011). DNS Pseudo-Random Number Generators Weakness. In: Kwiecień, A., Gaj, P., Stera, P. (eds) Computer Networks. CN 2011. Communications in Computer and Information Science, vol 160. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21771-5_32
Download citation
DOI: https://doi.org/10.1007/978-3-642-21771-5_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21770-8
Online ISBN: 978-3-642-21771-5
eBook Packages: Computer ScienceComputer Science (R0)