## page was copied from DnsTemplate
##master-page:HelpTemplate


<<Navigation(children,1)>>

<<TableOfContents()>>

https://securitytrails.com/blog/blast-radius-dns-takeovers
Blast Radius: DNS Takeovers  [[/blast_radius_DNS]]

SecurityTrails Blog · Aug 03 2021 · by Patrik Hudák
{{{
In May 2021, however, Amazon released the fix for this behavior by simply not assigning the same nameservers twice to the same DNS zone. 
}}}
とあるが、どこまで正しいか。-- ToshinoriMaeno <<DateTime(2022-03-13T13:50:41+0900)>>

https://brightsec.com/blog/dns-attack/

5 DNS Attack Types and How To Prevent Them
Admir Dizdar

    November 4, 2021 
== subdomain ==
Can I Take Your Subdomain? Exploring Same-Site Attacks in the Modern Web
Authors: 

Marco Squarcina, Mauro Tempesta, and Lorenzo Veronese, TU Wien; Stefano Calzavara, Università Ca' Foscari Venezia & OWASP; Matteo Maffei, TU Wien

https://www.usenix.org/conference/usenixsecurity21/presentation/squarcina


Risky BIZness: risks derived from registrar name management
https://dl.acm.org/doi/10.1145/3487552.3487816

== history ==
{{{
[52] Daiping Liu, Shuai Hao, and Haining Wang. 2016. All your DNS records point to
us: Understanding the security threats of dangling DNS records. In Proceedings
of the ACM SIGSAC Conference on Computer and Communications Security. 1414–
1425.
[53] Daiping Liu, Zhou Li, Kun Du, Haining Wang, Baojun Liu, and Haixin Duan.
2017. Don’t Let One Rotten Apple Spoil the Whole Barrel: Towards Automated
Detection of Shadowed Domains. In proceedings of the ACM SIGSAC Conference
on Computer and Communications Security. 537–552.
}}}
----
CategoryDns CategoryWatch CategoryTemplate