/*! This file is auto-generated */ .wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none} Problem 3 DNS servers also allow reverse l... [FREE SOLUTION] | 91Ó°ÊÓ

91Ó°ÊÓ

Log out

Learning Materials

Features

Discover

Chapter 9: Problem 3

DNS servers also allow reverse lookup; given an IP address \(128.112 .169 .4\), it is reversed into a text string 4.169.112.128.in-addr.arpa and looked up using DNS PTR records (which form a hierarchy of domains analogous to that for the address domain hierarchy). Suppose you want to authenticate the sender of a packet based on its host name and are confident that the source IP address is genuine. Explain the insecurity in converting the source address to a name as above and then comparing this name to a given list of trusted hosts. Hint: Whose DNS servers would you be trusting?

Short Answer

Expert verified
The insecurity lies in trusting the DNS server controlled by the IP address owner, which could be manipulated by an attacker to return a misleading domain name.

Step by step solution

01

Understand the Process of Reverse DNS Lookup

A reverse DNS lookup converts an IP address to a domain name. For the IP address 128.112.169.4, it is reversed to form the string 4.169.112.128.in-addr.arpa.
02

The Role of DNS PTR Records

The string 4.169.112.128.in-addr.arpa is queried in the DNS system to retrieve the corresponding PTR record, which provides the domain name associated with the IP address.
03

Consider the Trustworthiness of DNS Servers

When performing a reverse DNS lookup, the DNS server of the owner of the IP address responds with a domain name. This means trust is placed on the DNS server controlled by the owner of the IP address.
04

Identify Potential Insecurities

If a malicious user controls the DNS server for an IP address, they can return any domain name of their choosing, including one from a trusted list, potentially misleading the authenticity check.
05

Evaluate the Trust Model

The main insecurity is the reliance on the DNS server of the IP address owner. There is no guarantee that this server is trustworthy, as it could be controlled by an attacker.
06

Summary of Insecurity

The security issue lies in the fact that the entity controlling the IP address can manipulate the reverse DNS lookup, thus an attacker can fake a trusted domain name.

Unlock Step-by-Step Solutions & Ace Your Exams!

  • Full Textbook Solutions

    Get detailed explanations and key concepts

  • Unlimited Al creation

    Al flashcards, explanations, exams and more...

  • Ads-free access

    To over 500 millions flashcards

  • Money-back guarantee

    We refund you if you fail your exam.

Over 30 million students worldwide already upgrade their learning with 91Ó°ÊÓ!

Key Concepts

These are the key concepts you need to understand to accurately answer the question.

DNS PTR Records
A DNS PTR (Pointer) record is used in reverse DNS lookups. When you have an IP address, a reverse DNS lookup will query for the PTR record to get the associated domain name. This process is like looking up a person's name by their phone number.

For example, let's take the IP address 128.112.169.4. In a reverse DNS lookup, this IP address is reversed and then appended with .in-addr.arpa to create 4.169.112.128.in-addr.arpa. This special domain is then queried for a PTR record.

The DNS PTR record will return the domain name linked to that IP address. The core idea behind this mechanism is to map an IP address back to a human-readable domain name using the DNS system. It helps identify the domain name behind an IP without manual tracking, facilitating network administration and security tasks.
IP Address Authentication
Authenticating an IP address involves confirming that the IP address belongs to the expected sender. It's crucial in ensuring the security and integrity of data packets traveling over networks.

In a scenario where we rely on reverse DNS lookup for authentication, the idea is that by converting an IP address to its domain name, we can verify if this domain is on a list of trusted hosts. This process assumes that if the domain name is trusted, then the IP address is legitimate too.

However, there's an essential question to consider: Can we trust the DNS servers of the IP address holder? This question leads us to a significant insecurity. If the DNS server is controlled by someone malicious, they can manipulate the reverse DNS lookup to return any domain name, even one from our list of trusted hosts. Consequently, the actual IP address owner could be spoofed, leading to potential security breaches.
Trust Models in DNS
In DNS systems, trust models define how much confidence we place in DNS servers to provide accurate and secure information. This trust becomes critical, especially when dealing with reverse DNS lookups for authentication purposes.

With reverse DNS, we inherently trust the DNS server that responds with a domain name for a queried IP address. This posed a risk in situations where the DNS server might be under the control of a malevolent user. If an attacker controls the DNS server, they can return falsified domain names during a reverse lookup.

Therefore, placing COMPLETE trust in the reverse DNS lookup process reveals an inherent insecurity. The trust model would fail if the responsible DNS server were compromised. To mitigate these risks, additional layers of verification and cross-checking with multiple sources become necessary. It's crucial to have a comprehensive trust model that does not solely rely on DNS PTR records for IP address authentication.

One App. One Place for Learning.

All the tools & learning materials you need for study success - in one app.

Get started for free

Most popular questions from this chapter

One of the central problems faced by a protocol such as MIME is the vast number of data formats available. Consult the MIME RFC to find out how MIME deals with new or system-specific image and text formats.

Video applications typically run over UDP rather than TCP because they cannot tolerate retransmission delays. However, this means video applications are not constrained by TCP's congestion-control algorithm. What impact does this have on TCP traffic? Be specific about the consequences. Fortunately, these video applications often use RTP, which results in RTCP "receiver reports" being sent from the sink back to the source. These reports are sent periodically (e.g., once a second) and include the percentage of packets successfully received in the last reporting period. Describe how the source might use this information to adjust its rate in a TCP-compatible way.

One feature of the existing DNS .com hierarchy is that it is extremely "wide." (a) Propose a more hierarchical reorganization of the .com hierarchy. What objections might you foresee to your proposal's adoption? (b) What might be some of the consequences of having most DNS domain names contain four or more levels, versus the two of many existing names?

MIME supports multiple representations of the same content using the multipart/ alternative syntax; for example, text could be sent as text/plain, text/richtext, and application/postscript. Why do you think plaintext is supposed to be the first format, even though implementations might find it easier to place plaintext after their native format?

Suppose, in the other direction, we abandon any pretense at all of DNS hierarchy, and simply move all the .com entries to the root name server: www.cisco.com would become www.cisco, or perhaps just cisco. How would this affect root name server traffic in general? How would this affect such traffic for the specific case of resolving a name like cisco into a Web server address?
See all solutions

Recommended explanations on Computer Science Textbooks

Game Design in Computer Science

Read Explanation

Problem Solving Techniques

Read Explanation

Databases

Read Explanation

Computer Network

Read Explanation

Algorithms in Computer Science

Read Explanation

Theory of Computation

Read Explanation
View all explanations

What do you think about this solution?

We value your feedback to improve our textbook solutions.

Study anywhere. Anytime. Across all devices.