CAPEC-589
Melding voor een CAPEC
Blijf op de hoogte van wijzigingen voor een specifieke CAPEC.
Beschrijvingen CAPEC
An adversary intercepts traffic and intentionally drops DNS requests based on content in the request. In this way, the adversary can deny the availability of specific services or content to the user even if the IP address is changed.
Informatie CAPEC
Vereisten
This attack requires the ability to conduct deep packet inspection with an In-Path device that can drop the targeted traffic and/or connection.Mitigaties
Hard Coded Alternate DNS server in applicationsAvoid dependence on DNS
Include "hosts file"/IP address in the application.
Ensure best practices with respect to communications channel protections.
Use a .onion domain with Tor support
Gerelateerde zwakheden
| Zwakheidsnaam | |
|---|---|
CWE-300 |
Channel Accessible by Non-Endpoint The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint. |
Referenties
REF-473
Censorship in the Wild: Analyzing Internet Filtering in Syriahttp://conferences2.sigcomm.org/imc/2014/papers/p285.pdf
Indiening
| Naam | Organisatie | Datum | Releasedatum |
|---|---|---|---|
| Seamus Tuohy |
Wijzigingen
| Naam | Organisatie | Datum | Opmerking |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns, Related_Weaknesses | |
| CAPEC Content Team | The MITRE Corporation | Updated Mitigations |
