CAPEC-589
Alerta para um CAPEC
Fique informado sobre quaisquer alterações para um CAPEC específico.
Descrições CAPEC
An adversary intercepts traffic and intentionally drops DNS requests based on content in the request. In this way, the adversary can deny the availability of specific services or content to the user even if the IP address is changed.
Informações CAPEC
Pré-requisitos
This attack requires the ability to conduct deep packet inspection with an In-Path device that can drop the targeted traffic and/or connection.Mitigações
Hard Coded Alternate DNS server in applicationsAvoid dependence on DNS
Include "hosts file"/IP address in the application.
Ensure best practices with respect to communications channel protections.
Use a .onion domain with Tor support
Fraquezas Relacionadas
| Nome da Fraqueza | |
|---|---|
CWE-300 |
Channel Accessible by Non-Endpoint The product does not adequately verify the identity of actors at both ends of a communication channel, or does not adequately ensure the integrity of the channel, in a way that allows the channel to be accessed or influenced by an actor that is not an endpoint. |
Referências
REF-473
Censorship in the Wild: Analyzing Internet Filtering in Syriahttp://conferences2.sigcomm.org/imc/2014/papers/p285.pdf
Submissão
| Nome | Organização | Data | Data de lançamento |
|---|---|---|---|
| Seamus Tuohy |
Modificações
| Nome | Organização | Data | Comentário |
|---|---|---|---|
| CAPEC Content Team | The MITRE Corporation | Updated Related_Attack_Patterns, Related_Weaknesses | |
| CAPEC Content Team | The MITRE Corporation | Updated Mitigations |
