#keytrap — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #keytrap, aggregated by home.social.
-
op SIDN.nl: Alle DNS-software en -diensten bleken kwetsbaar voor DoS-aanval -- 25 jaar oude kwetsbaarheid in DNSSEC-ontwerp afgelopen weken gepatcht
https://www.sidn.nl/nieuws-en-blogs/alle-dns-software-en-diensten-bleken-kwetsbaar-voor-dos-aanval"De kwetsbaarheid met de naam #KeyTrap maakte het mogelijk om vanaf een DNS-server een Denial-of-Service (DoS)-aanval uit te voeren op een validerende resolver. Omdat het een probleem in de specificatie zelf betrof, waren alle veelgebruikte DNS-resolvers en -diensten aangedaan."
-
op SIDN.nl: Alle DNS-software en -diensten bleken kwetsbaar voor DoS-aanval -- 25 jaar oude kwetsbaarheid in DNSSEC-ontwerp afgelopen weken gepatcht
https://www.sidn.nl/nieuws-en-blogs/alle-dns-software-en-diensten-bleken-kwetsbaar-voor-dos-aanval"De kwetsbaarheid met de naam #KeyTrap maakte het mogelijk om vanaf een DNS-server een Denial-of-Service (DoS)-aanval uit te voeren op een validerende resolver. Omdat het een probleem in de specificatie zelf betrof, waren alle veelgebruikte DNS-resolvers en -diensten aangedaan."
-
op SIDN.nl: Alle DNS-software en -diensten bleken kwetsbaar voor DoS-aanval -- 25 jaar oude kwetsbaarheid in DNSSEC-ontwerp afgelopen weken gepatcht
https://www.sidn.nl/nieuws-en-blogs/alle-dns-software-en-diensten-bleken-kwetsbaar-voor-dos-aanval"De kwetsbaarheid met de naam #KeyTrap maakte het mogelijk om vanaf een DNS-server een Denial-of-Service (DoS)-aanval uit te voeren op een validerende resolver. Omdat het een probleem in de specificatie zelf betrof, waren alle veelgebruikte DNS-resolvers en -diensten aangedaan."
-
Very good analogy by Edward Lewis on an #IETF mailing list (in the context of #KeyTrap) about the risk of filtering stuff in the name of security: filtering can also clog the system. "I am picturing a screen put over a water spillway, or paper air
filters in an HVAC intake or internal combustion engines." "Filtering will slow flow and may even entirely stop it" -
Very good analogy by Edward Lewis on an #IETF mailing list (in the context of #KeyTrap) about the risk of filtering stuff in the name of security: filtering can also clog the system. "I am picturing a screen put over a water spillway, or paper air
filters in an HVAC intake or internal combustion engines." "Filtering will slow flow and may even entirely stop it" -
Very good analogy by Edward Lewis on an #IETF mailing list (in the context of #KeyTrap) about the risk of filtering stuff in the name of security: filtering can also clog the system. "I am picturing a screen put over a water spillway, or paper air
filters in an HVAC intake or internal combustion engines." "Filtering will slow flow and may even entirely stop it" -
Very good analogy by Edward Lewis on an #IETF mailing list (in the context of #KeyTrap) about the risk of filtering stuff in the name of security: filtering can also clog the system. "I am picturing a screen put over a water spillway, or paper air
filters in an HVAC intake or internal combustion engines." "Filtering will slow flow and may even entirely stop it" -
Very good analogy by Edward Lewis on an #IETF mailing list (in the context of #KeyTrap) about the risk of filtering stuff in the name of security: filtering can also clog the system. "I am picturing a screen put over a water spillway, or paper air
filters in an HVAC intake or internal combustion engines." "Filtering will slow flow and may even entirely stop it" -
Si vous ne savez pas quoi lire ce week-end, que vous vous intéressez au #DNS, et que vous n'avez pas encore lu l'article sur #KeyTrap, il est bien. Il faut juste ignorer les phrases du genre « Solving these issues fundamentally requires to
reconsider the basics of the design philosophy of the Internet. » et autres exagérations typiques d'Haya Shulman. https://www.athene-center.de/en/keytrap(Avant, pensez à mettre à jour vos résolveurs.)
-
Si vous ne savez pas quoi lire ce week-end, que vous vous intéressez au #DNS, et que vous n'avez pas encore lu l'article sur #KeyTrap, il est bien. Il faut juste ignorer les phrases du genre « Solving these issues fundamentally requires to
reconsider the basics of the design philosophy of the Internet. » et autres exagérations typiques d'Haya Shulman. https://www.athene-center.de/en/keytrap(Avant, pensez à mettre à jour vos résolveurs.)
-
Si vous ne savez pas quoi lire ce week-end, que vous vous intéressez au #DNS, et que vous n'avez pas encore lu l'article sur #KeyTrap, il est bien. Il faut juste ignorer les phrases du genre « Solving these issues fundamentally requires to
reconsider the basics of the design philosophy of the Internet. » et autres exagérations typiques d'Haya Shulman. https://www.athene-center.de/en/keytrap(Avant, pensez à mettre à jour vos résolveurs.)
-
Si vous ne savez pas quoi lire ce week-end, que vous vous intéressez au #DNS, et que vous n'avez pas encore lu l'article sur #KeyTrap, il est bien. Il faut juste ignorer les phrases du genre « Solving these issues fundamentally requires to
reconsider the basics of the design philosophy of the Internet. » et autres exagérations typiques d'Haya Shulman. https://www.athene-center.de/en/keytrap(Avant, pensez à mettre à jour vos résolveurs.)
-
Si vous ne savez pas quoi lire ce week-end, que vous vous intéressez au #DNS, et que vous n'avez pas encore lu l'article sur #KeyTrap, il est bien. Il faut juste ignorer les phrases du genre « Solving these issues fundamentally requires to
reconsider the basics of the design philosophy of the Internet. » et autres exagérations typiques d'Haya Shulman. https://www.athene-center.de/en/keytrap(Avant, pensez à mettre à jour vos résolveurs.)
-
#KeyTrap attack: Internet access disrupted with one #DNS packet
#cybersecurity #dnssec
https://www.bleepingcomputer.com/news/security/keytrap-attack-internet-access-disrupted-with-one-dns-packet/ -
#KeyTrap attack: Internet access disrupted with one #DNS packet
#cybersecurity #dnssec
https://www.bleepingcomputer.com/news/security/keytrap-attack-internet-access-disrupted-with-one-dns-packet/ -
#KeyTrap attack: Internet access disrupted with one #DNS packet
#cybersecurity #dnssec
https://www.bleepingcomputer.com/news/security/keytrap-attack-internet-access-disrupted-with-one-dns-packet/ -
Eine #Schwachstelle in der grundlegenden Struktur des Internets wurde von unserem #Forschungszentrum entdeckt. Unsere Expert*innen sind darauf in einem Artikel der #FrankfurterRundschau @FR genauer eingegangen.
Hier finden Sie den Artikel:
https://www.fr.de/rhein-main/darmstadt/forschungszentrum-in-darmstadt-deckt-sicherheitsluecke-auf-hacker-haetten-internet-lahmlegen-koennen-92844483.html
#Keytrap #Sicherheitslücke #Internet #Darmstadt #Frankfurt #Hessen #Forschung #IT #Cybersicherheit #ATHENE -
Eine #Schwachstelle in der grundlegenden Struktur des Internets wurde von unserem #Forschungszentrum entdeckt. Unsere Expert*innen sind darauf in einem Artikel der #FrankfurterRundschau @FR genauer eingegangen.
Hier finden Sie den Artikel:
https://www.fr.de/rhein-main/darmstadt/forschungszentrum-in-darmstadt-deckt-sicherheitsluecke-auf-hacker-haetten-internet-lahmlegen-koennen-92844483.html
#Keytrap #Sicherheitslücke #Internet #Darmstadt #Frankfurt #Hessen #Forschung #IT #Cybersicherheit #ATHENE -
Eine #Schwachstelle in der grundlegenden Struktur des Internets wurde von unserem #Forschungszentrum entdeckt. Unsere Expert*innen sind darauf in einem Artikel der #FrankfurterRundschau @FR genauer eingegangen.
Hier finden Sie den Artikel:
https://www.fr.de/rhein-main/darmstadt/forschungszentrum-in-darmstadt-deckt-sicherheitsluecke-auf-hacker-haetten-internet-lahmlegen-koennen-92844483.html
#Keytrap #Sicherheitslücke #Internet #Darmstadt #Frankfurt #Hessen #Forschung #IT #Cybersicherheit #ATHENE -
Looks like @sans_isc picked up on an exploit for KeyTrap - I haven't tested it yet, and it is explicitly documented as being defanged, but looks legit on the surface:
https://github.com/knqyf263/CVE-2023-50387
Added to my roll-up post.
-
Looks like @sans_isc picked up on an exploit for KeyTrap - I haven't tested it yet, and it is explicitly documented as being defanged, but looks legit on the surface:
https://github.com/knqyf263/CVE-2023-50387
Added to my roll-up post.
-
Looks like @sans_isc picked up on an exploit for KeyTrap - I haven't tested it yet, and it is explicitly documented as being defanged, but looks legit on the surface:
https://github.com/knqyf263/CVE-2023-50387
Added to my roll-up post.
-
Looks like @sans_isc picked up on an exploit for KeyTrap - I haven't tested it yet, and it is explicitly documented as being defanged, but looks legit on the surface:
https://github.com/knqyf263/CVE-2023-50387
Added to my roll-up post.
-
Looks like @sans_isc picked up on an exploit for KeyTrap - I haven't tested it yet, and it is explicitly documented as being defanged, but looks legit on the surface:
https://github.com/knqyf263/CVE-2023-50387
Added to my roll-up post.
-
KeyTrap: Vulnerabilidad crítica de diseño en DNS https://blog.elhacker.net/2024/02/keytrap-vulnerabilidad-critica-diseno-dns.html #vulnerabilidad #keytrap #cve #dns
-
KeyTrap: Vulnerabilidad crítica de diseño en DNS https://blog.elhacker.net/2024/02/keytrap-vulnerabilidad-critica-diseno-dns.html #vulnerabilidad #keytrap #cve #dns
-
"Since the initial disclosure of the vulnerabilities on November 2, 2023, we have been working with all major vendors on mitigating the problems in their implementations."
"We recommend that everyone installs the patches and updates their DNS software. We recommend to continue using DNSSEC, encourage the domains to get signed, and all the resolvers to enforce DNSSEC validation. DNSSEC is the only practical measure to block DNS cache poisoning attacks."
https://labs.ripe.net/author/haya-shulman/keytrap-algorithmic-complexity-attacks-exploit-fundamental-design-flaw-in-dnssec/
#DNSSEC #DNS #KEYTRAP
