location:Home > DNSCERT > Statistics
Randomness of port in DNS packet
2012/09/27 09:42author:
[ size:big normal small ]

The randomness of client ports used by recursive domain name servers to launch external queries affects the security level of domain name’s resolution greatly. If ports’ random algorithm is not secure enough, the domain name server is liable to cache poisoning attack. The well-known Kaminsky Vulnerability is the attack launched by taking advantage of the weak randomness of recursive servers’ client ports. Statistics show that the port randomness of more than 4% of China’s recursive domain name servers is weak, far above the world level of 0.98%. They are liable to DNS hijacking and attack.

Contact Us
TEL 010--58813000
Address:Floor 1, Building 1, Software Park, Chinese Academy of Sciences, 4 South 4th Street, Zhongguancun, Beijing
Email:service@cnnic.cn(For Service)
   supervise@cnnic.cn(For Complaint)

WebSite Map | Contact Us
ICP备案编号:京ICP备09112257号 版权所有 中国互联网络信息中心