Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Rethinking the Security Threats of Stale DNS Glue Records

USENIX via YouTube

Overview

Explore a 13-minute conference presentation from USENIX Security '24 that investigates critical security vulnerabilities in DNS glue records. Dive into groundbreaking research that reveals how 23.18% of glue records across 1,096 TLDs are outdated and potentially exploitable. Learn about the systematic analysis of 9 mainstream DNS implementations, including BIND 9 and Microsoft DNS, which uncovered manipulable behaviors that could enable large-scale domain hijacking and denial-of-service attacks. Discover how over 193,558 exploitable records put more than 6 million domains at risk, and understand why 90% of global open resolvers, including major providers like OpenDNS and AliDNS, use unvalidated and outdated glue records. Gain insights into the researchers' responsible disclosure process and the subsequent mitigation efforts by affected stakeholders, including Microsoft DNS, PowerDNS, OpenDNS, and Alibaba Cloud DNS.

Syllabus

USENIX Security '24 - Rethinking the Security Threats of Stale DNS Glue Records

Taught by

USENIX

Reviews

Start your review of Rethinking the Security Threats of Stale DNS Glue Records

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.