Zastrupljanje protokolov za razreševanje imen na lokalnih omrežjih

Urban Dopudja; Matevž Pesek

doi:10.31449/upinf.232

Authors

Urban Dopudja Univerza v Ljubljani, Fakulteta za računalništvo in informatiko
Matevž Pesek Univerza v Ljubljani, Fakulteta za računalništvo in informatiko

DOI:

https://doi.org/10.31449/upinf.232

Keywords:

DNS poisoning, LLMNR, Network security, Hash algorithms

Abstract

In the context of connecting different information systems, the resolution of domain addresses is a key process of identification of stakeholders in the wider environment of the IT infrastructure, which in the case of faulty configuration can pose a risk of abuse by attackers. Due to the growing complexity of the infrastructure, the amount of such attack vectors on information systems has been increasing recently. In this article, we delve deeper into the operation of protocols for the multicast name resolution in networks and their potential abuse. On typical examples, we show ways of using various tools that can be used to carry out such attacks relatively easily. According to the demonstration of the attacks, we then show various mitigations of the displayed attacks, with which the displayed attacks can be sufficiently limited.

Author Biographies

Urban Dopudja, Univerza v Ljubljani, Fakulteta za računalništvo in informatiko

Urban Dopudja je študent na Fakulteti za računalništvo in informatiko Univerze v Ljubljani. Čas posveča strokovnim izpopolnjevanjem na področju kibernetske varnosti. Njegovi raziskovalni interesi segajo na področja spletne varnosti, omrežnih protokolov in nizkonivojske analize sistemov.

Matevž Pesek, Univerza v Ljubljani, Fakulteta za računalništvo in informatiko

Matevž Pesek je docent in raziskovalec na Fakulteti za računalništvo in informatiko Univerze v Ljubljani, kjer je diplomiral (2012) in doktoriral (2018). Od leta 2009 je član Laboratorija za računalniško grafiko in multimedije. Od leta 2024 izvaja predmet Varnost programov.