Amit Klein
October-November 2007
More from Trusteer:
The Threat of DNS Spoofing
on financial institutions
Read this paper
Abstract
The paper describes a weakness in the pseudo random number generator (PRNG)
in use by OpenBSD, Mac OS X, Mac OS X Server, Darwin, NetBSD, FreeBSD and
DragonFlyBSD to produce random DNS transaction IDs (OpenBSD) and random
IP fragmentation IDs (OpenBSD, Mac OS X, Mac OS X Server, Darwin, NetBSD,
FreeBSD and DragonFlyBSD – the latter three only if the kernel flag
net.inet.ip.random_id is 1). A technique is disclosed that allows an attacker to
detect the algorithm used and predict its next values. This technique can be used
to conduct DNS cache poisoning attack on OpenBSD DNS server (which is a
modified BIND 9 server) in caching mode. A predictability algorithm is described
that typically provides 8-10 possible guesses for the next transaction ID value,
thereby overcoming whatever protection offered by the transaction ID
mechanism. This enables a much more effective DNS cache poisoning than the
currently known attacks against the OpenBSD DNS server. The net effect is that
pharming attacks are feasible against OpenBSD caching DNS servers, without the
need to directly attack neither DNS servers nor clients (PCs). A similar technique
is disclosed to detect the algorithm used for the IP fragmentation ID generation
(thereby enabling fingerprinting, traffic analysis and host alias detection for
OpenBSD, Mac OS X, Mac OS X Server and Darwin (and NetBSD, FreeBSD,
DragonFlyBSD, if the kernel flag net.inet.ip.random_id is 1), as well as detecting
“missing” IDs, which can be used in nmap’s IdleScan method (as the “zombie”
machine whose IP is used to scan the actual target host). IP fragmentation ID can
also be used (in some cases) for TCP blind data injection.
