Tsung-Chiang Johnny Huang

Computer Science

Casey Deccio


Analysis and Potential Vulnerabilities on BIND9’s Implementations to Handle Errors


BIND9 is an open-source DNS resolver implementation. Like many other resolvers, BIND9 can be configured to be an authoritative server or a recursive resolver. An authoritative server is the destination that a client wants to reach. A recursive resolver is a helper for the client to reach the authoritative server. One of the important features of a recursive resolver is caching and storing the information that the authoritative servers send. This is done in case of server shutdown and other incidents where the authoritative servers cannot be reached. While this feature is extremely useful, it presents potential compromises for traffic redirection. My research is on BIND9's implementation for handling errors when communication with authoritative servers is not available. I will present the most up-to-date data and the implications thereof.