Building a DNS Security Range in a Closed Network (Lightning Talk)

2018 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2018-07-01 DOI:10.1109/ICSSA45270.2018.00031

H. Lee, Hyun Min Park, Kyu Don Hwang, Gyeong-Hun Min, Young Sun Park

引用次数: 0

Abstract

In this paper, we present how we built a DNS security range in a closed network. To enable trainees to practice DNS attack labs, such as DNS amplification and DNS cache poisoning, within a closed network, we implemented a pseudo DNS server emulating upstream servers. A modified version of BIND8, in which DNS transaction IDs increase sequentially as in BIND4, and a custom module for Metasploit were implemented to facilitate DNS cache poisoning attacks.

查看原文本刊更多论文

在封闭网络中构建DNS安全范围(闪电讲座)

在本文中，我们介绍了如何在封闭网络中构建DNS安全范围。为了使学员能够在封闭的网络中练习DNS攻击实验室，例如DNS放大和DNS缓存中毒，我们实现了一个模拟上游服务器的伪DNS服务器。在BIND8的修改版本中，DNS事务id与BIND4一样依次增加，并实现了Metasploit的自定义模块，以方便DNS缓存中毒攻击。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2018 International Conference on Software Security and Assurance (ICSSA)

自引率

0.00%

发文量