
Sunday, February 7, 2010

Google aims to speed up DNS requests



Google and Neustar UltraDNS have proposed an extension to try to build some geographic awareness into the Domain Name System.

The proposed extension, called Client IP information in DNS requests, would send along the first three quarters of a user’s IP address along with a DNS request. The last quarter would be cut off to preserve some privacy, but the first part should be enough to geographically target the answer in some cases, Google said in a blog post on Wednesday.

As designed, it would, for example, return the address for Google’s Dutch server, not Google’s California server, to a user in the Netherlands who needs to reach it.

For more on this story, see Google proposes geo-smart Internet speedup on CNET News.


Saturday, December 12, 2009

Stealing Cookies with WifiZoo

The purpose of this blog post is to demonstrate the sort of thing an attacker could do just by listening to your traffic on a wireless network.

In the example below I will set my wireless card to capture cookies from a valid session between a victim and a website. The attacker is then able to easily connect to the website using the captured cookie and will automatically be logged in as the victim.

I have tested this on a number of websites including Google Mail; however, I will demonstrate this using a connection to a web forum called Binary Revolution. Please note that this is not possible because of a fault in the websites; it is possible because the traffic is unencrypted. That said, I could perform the same attack on a wired network using ARP cache poisoning.


Tools

  • Kismet
  • WifiZoo
  • Firefox

The Attack

1. Using Kismet I find my target network and force it to lock onto just that channel.




2. I now use the command below to bring up my wireless interface.

ifconfig wlan0 up


3. I start WifiZoo, point my Firefox proxy settings to 127.0.0.1 port 8080 and point my browser to the WifiZoo config page on http://127.0.0.1:8000




4. I now connect my LAN interface to the network, bring it up and get an IP address.

ifconfig eth0 up
dhclient eth0


5. On the victim PC which is using a wireless connection I browse to an interesting site and log in.




6. Back on my evil attacker laptop I look at the cookies page in the WifiZoo webpage and see what cookies I have collected so far.



I select a cookie, click on it and I'm taken straight into the website using the victim's credentials.



It really is that simple. So next time you're on a public network think about what you are doing.


Conclusion

Be careful on public networks, use encryption (SSL and SSH) and VPNs where possible.


Tools used in this blog post were from the BackTrack3 security distro.
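
For site owners, the conclusion above translates into a check on how session cookies are issued. The following is an added example, not part of the original post: it audits the Set-Cookie headers of a response for cookies that can travel over unencrypted HTTP. The function names, the SESSION_HINTS naming heuristic, the cookie name forum_session_id and both sample responses are assumptions constructed for illustration.

```python
# Added example: audit Set-Cookie headers for attributes that keep a session
# cookie off unencrypted links. All sample data below is constructed.
SESSION_HINTS = ("sess", "sid", "auth", "token", "login")  # assumed heuristic

SAMPLE_HTTP = (  # constructed response fetched over plain http://
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: forum_session_id=3f9c0a; Path=/; "
    "Expires=Wed, 09 Jun 2021 10:18:14 GMT\r\n"
    "Set-Cookie: theme=dark; Path=/\r\n"
)
SAMPLE_HTTPS = (  # constructed response fetched over https://
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: forum_session_id=3f9c0a; Path=/; Secure; HttpOnly\r\n"
)


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, lower-cased attributes)."""
    parts = [p.strip() for p in header_value.split(";") if p.strip()]
    if not parts:
        return "", "", {}
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_response(scheme, raw_headers):
    """Return (cookie_name, finding) pairs for one HTTP response."""
    findings = []
    for line in raw_headers.splitlines():
        field, sep, value = line.partition(":")
        if not sep or field.strip().lower() != "set-cookie":
            continue
        name, _, attrs = parse_set_cookie(value)
        if not name:
            continue
        if scheme != "https":
            findings.append((name, "set over plaintext HTTP"))
        if "secure" not in attrs:  # browser will also send it over http://
            findings.append((name, "missing Secure"))
        is_session = any(hint in name.lower() for hint in SESSION_HINTS)
        if is_session and "httponly" not in attrs:
            findings.append((name, "missing HttpOnly"))
    return findings


if __name__ == "__main__":
    for scheme, sample in (("http", SAMPLE_HTTP), ("https", SAMPLE_HTTPS)):
        print(scheme, audit_response(scheme, sample))
```

A cookie without the Secure attribute is sent by the browser on any plain HTTP request to the same site, so serving the login page over SSL alone does not keep it off the air.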
