Otu ndị nyocha sitere na Mahadum Tel Aviv na Interdisciplinary Center na Herzliya (Israel)
Nsogbu a metụtara ihe dị iche iche nke protocol ma na-emetụta sava DNS niile na-akwado nhazi ajụjụ recursive, gụnyere.
Mwakpo ahụ dabere na onye na-awakpo ahụ na-eji arịrịọ na-ezo aka na ọnụ ọgụgụ buru ibu nke ndekọ NS akụkọ ifo a na-ahụbeghị na mbụ, nke a na-enyefe aha ya, ma na-enweghị ịkọwa ndekọ gluu na ozi gbasara adreesị IP nke sava NS na nzaghachi. Dịka ọmụmaatụ, onye na-awakpo na-eziga ajụjụ iji dozie aha sd1.attacker.com site na ijikwa ihe nkesa DNS maka ngalaba attacker.com. Na nzaghachi na arịrịọ onye na-edozi arịrịọ maka sava DNS nke onye mwakpo ahụ, a na-enye nzaghachi nke na-enyefe mkpebi nke adreesị sd1.attacker.com na sava DNS nke onye ahụ tara ahụhụ site n'igosi ndekọ NS na nzaghachi na-enweghị ịkọwapụta sava IP NS. Ebe ọ bụ na ahụbeghị ihe nkesa NS ahụ a kpọtụrụ aha na mbụ na akọwapụtaghị adreesị IP ya, onye na-eme mkpebi ahụ na-anwa ịchọpụta adreesị IP nke ihe nkesa NS site na iziga ajụjụ na sava DNS nke onye ahụ metụtara na-eje ozi na mpaghara ebumnuche (victim.com).
Nsogbu bụ na onye na-awakpo ahụ nwere ike ịzaghachi na nnukwu ndepụta nke sava NS na-adịghị emegharị ya na aha subdomain na-adịghị adị adị (fake-1.victim.com, fake-2.victim.com,... fake-1000. onye.com). Onye na-edozi ya ga-anwa iziga arịrịọ na sava DNS nke onye ahụ, mana ọ ga-enweta nzaghachi na achọtaghị ngalaba ahụ, mgbe nke ahụ gasịrị, ọ ga-anwa ịchọpụta ihe nkesa NS na-esote na listi ahụ, na ihe ndị ọzọ ruo mgbe ọ gbalịrị ihe niile. Ihe ndekọ NS nke onye mwakpo ahụ depụtara. N'ihi ya, maka arịrịọ otu onye na-awakpo, onye na-edozi ya ga-ezite ọnụ ọgụgụ dị ukwuu nke arịrịọ iji chọpụta ndị ọbịa NS. Ebe ọ bụ na a na-emepụta aha ihe nkesa NS na-enweghị usoro ma na-ezo aka na subdomains na-adịghị adị, a naghị ewepụta ha na cache na arịrịọ ọ bụla sitere n'aka onye na-awakpo ahụ na-ebute arịrịọ nke ihe nkesa DNS na-eje ozi na ngalaba onye ihe metụtara.
Ndị nchọpụta nyochara ogo nke adịghị ike nke ndị na-edozi DNS ọha na eze na nsogbu ahụ wee kpebie na mgbe ị na-eziga ajụjụ na CloudFlare resolver (1.1.1.1), ọ ga-ekwe omume ịbawanye ọnụ ọgụgụ nke ngwugwu (PAF, Packet Amplification Factor) site na ugboro 48, Google (8.8.8.8) - 30 ugboro, FreeDNS (37.235.1.174) - 50 ugboro, OpenDNS (208.67.222.222) - 32 ugboro. A na-ahụ ihe ngosi ndị ọzọ pụtara ìhè maka
Ọkwa 3 (209.244.0.3) - ugboro 273, Quad9 (9.9.9.9) - ugboro 415
SafeDNS (195.46.39.39) - ugboro 274, Verisign (64.6.64.6) - ugboro 202,
Ultra (156.154.71.1) - 405 ugboro, Comodo Secure (8.26.56.26) - 435 ugboro, DNS.Watch (84.200.69.80) - 486 ugboro, na Norton ConnectSafe (199.85.126.10) - 569 ugboro. N'ihi na sava dabeere na BIND 9.12.3, n'ihi parallelization nke arịrịọ, uru larịị nwere ike iru ruo 1000. Na Knot Resolver 5.1.0, uru larịị bụ ihe dị ka ọtụtụ iri iri ugboro (24-48), ebe ọ bụ na mkpebi siri ike nke. A na-eme aha NS n'usoro wee dabere na oke dị n'ime ọnụ ọgụgụ nke usoro mkpebi aha enyere maka otu arịrịọ.
E nwere isi ụzọ nchekwa ụzọ abụọ. Maka sistemụ nwere DNSSEC
isi: opennet.ru