Mixed-Case Domain Queies

Question

Mixed-Case Domain Queies

Opened this issue 9 years ago · 0 comments

GoogleCodeExporter commented 9 years ago

In many cases DNS queries will contain a mixed-case domain name as a mean of 
additional security. The DNS server included fails to parse mixed-case domain 
names due a case-sensitive comparison. 

Example: nslookup yourdomain.com 167.206.245.135

Line 92 & 93 of dns.c seem to be the fail point

fqdn_offset = strstr(question_domain,fqdn);
if(fqdn_offset == NULL || (fqdn_offset && strlen(fqdn_offset) != strlen(fqdn))){

***References***

-Increased DNS Forgery Resistance Through 0x20-Bit Encoding

http://webcache.googleusercontent.com/search?q=cache:_LzckuNoOSYJ:courses.isi.jh
u.edu/netsec/papers/increased_dns_resistance.pdf

Original issue reported on code.google.com by t35...@gmail.com on 12 Sep 2014 at 5:19