DNS Attacks

Les Mikesell lesmikesell at gmail.com
Sat Jul 26 20:40:53 UTC 2008


Björn Persson wrote:
> 
>>>> Could you elaborate on how whois guards against malicious system
>>>> administrators?
>> It spreads the number of things that have to be compromised to fool you.
>> The person who had access to copy the security certificate may not be
>> the same one that registers the public DNS servers.
> 
> OK, a slight improvement, but it still depends on the bank's security 
> routines, just like the secrecy of the secret key does.
> 
>> Maybe it's a backup 
>> operator who knows how to restore a copy elsewhere
> 
> Well, a backup copy of a secret key is just as secret as the "live" copy and 
> must be protected by just as rigorous routines.

Agreed, and this is probably the case for banking institutions that 
only rarely lose control of a truckload of backup tapes.  But there are 
almost certainly places that have secure certificates that can't audit 
all the potential copies that might have been made.

>>>> Do you think security could be improved by having
>>>> browsers and other programs make whois queries automatically?
>> Slightly, but the DNS infrastructure probably would not handle having
>> every query sent to an authoritative source, which is why we have the
>> caches that can be compromised in the first place.
> 
> So doing that manually works for you only because most people don't do it?

Most internet operations aren't worth this tradeoff in trouble vs. 
security.  But if you have any reason to think your DNS is compromised, 
it might be worth an extra step before doing a secure transaction.

>>> Also, if it is a system administrator at the bank, what is to
>>> prevent him from just changing the real name servers?
>> That's visible and would leave traces in obvious places.
> 
> As I already wrote, a bank should have things set up so that copying a secret 
> key would also leave traces.

If they haven't outsourced that job and left it up to someone else to 
comply.

-- 
    Les Mikesell
     lesmikesell at gmail.com
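The "extra step" Les describes, asking the authoritative server directly and comparing its answer with what the local cache hands back, as an added example that is not code from anyone in this thread. It uses only the Python standard library, speaks raw DNS wire format, and runs offline on constructed reply packets; the hostname `bank.example` and the addresses are made up (RFC 5737 documentation ranges), and `resolve_via` is the only function that touches the network.

```python
"""Cross-check a cache's DNS answer against the authoritative server's answer.

Added example for the thread above, not code from the original posts.
Hostname and addresses are constructed (RFC 5737 documentation ranges).
"""
import secrets
import socket
import struct

A_RECORD = 1
IN_CLASS = 1


def _encode_name(name):
    """Wire-format a dotted hostname as length-prefixed labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(x)]) + x.encode("ascii") for x in labels) + b"\x00"


def build_query(name, qtype=A_RECORD):
    """Return (txid, packet) for a recursion-desired query. The id is random
    so a reply that was not solicited by us is rejected on arrival."""
    txid = secrets.randbits(16)
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return txid, header + _encode_name(name) + struct.pack("!HH", qtype, IN_CLASS)


def _read_name(msg, off):
    """Decode a possibly compressed name; return (name, offset after it)."""
    labels, end = [], None
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:                      # compression pointer
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            if end is None:
                end = off + 2
            off = ptr
            continue
        off += 1
        if length == 0:
            break
        labels.append(msg[off:off + length].decode("ascii"))
        off += length
    return ".".join(labels), (off if end is None else end)


def parse_a_records(msg, expected_txid):
    """Return the set of IPv4 addresses in the answer section, discarding
    any reply whose transaction id does not match the query we sent."""
    txid, _flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction id mismatch; reply discarded")
    off = 12
    for _ in range(qd):                                # skip echoed question
        _, off = _read_name(msg, off)
        off += 4
    addrs = set()
    for _ in range(an):
        _, off = _read_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == A_RECORD and rclass == IN_CLASS:
            addrs.add(socket.inet_ntoa(msg[off:off + 4]))
        off += rdlen
    return addrs


def build_response(txid, name, addrs, ttl=300):
    """Constructed reply packet, standing in for a live server in the demo."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(addrs), 0, 0)
    body = _encode_name(name) + struct.pack("!HH", A_RECORD, IN_CLASS)
    for a in addrs:
        body += b"\xc0\x0c" + struct.pack("!HHIH", A_RECORD, IN_CLASS, ttl, 4)
        body += socket.inet_aton(a)
    return header + body


def resolve_via(server, name, timeout=3.0):
    """Ask one specific server (the local cache, or an authoritative server
    named in the registry's whois record) over UDP and parse its reply."""
    txid, packet = build_query(name)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(packet, (server, 53))
        reply, _ = s.recvfrom(512)
    return parse_a_records(reply, txid)


def answers_agree(cached, authoritative):
    """Trust the cached answer only when it matches the authoritative one."""
    return bool(authoritative) and cached == authoritative


def demo():
    """Offline run on constructed replies: the cache returns a different
    address than the authoritative server, so the check fails."""
    txid, _ = build_query("bank.example")
    from_cache = parse_a_records(build_response(txid, "bank.example", ["203.0.113.9"]), txid)
    from_auth = parse_a_records(build_response(txid, "bank.example", ["198.51.100.7"]), txid)
    return from_cache, from_auth, answers_agree(from_cache, from_auth)


if __name__ == "__main__":
    print(demo())
```

In real use you would call `resolve_via` twice, once against the cache your machine normally uses and once against a name server listed in the registry's whois output, and act only when `answers_agree` is true; as the thread notes, this costs an extra round trip per lookup, so it is a check for the occasional sensitive transaction rather than something every client should do for every query.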