Dan Kaminsky

Dan Kaminsky is a specialist in computer security and managing director of the penetration testing company IOActive. He previously worked for Cisco and Avaya and is one of the leading security experts dealing with the security of the Domain Name System. Kaminsky is a regular speaker at the Chaos Communication Congress as well as at the Black Hat Briefings.

Sony rootkit

When it became known that the XCP copy protection used by Sony BMG has rootkit functionality, Kaminsky used DNS cache snooping to estimate the distribution of XCP. He counted 568,200 public name servers that had cached domain names associated with XCP, which may indicate the presence of at least one potentially infected computer.

Earthlink and DNS lookup

In April 2008, Kaminsky published a vulnerability he had discovered earlier in the way Earthlink handles failed DNS lookups. He was able to identify the same flaw at other Internet service providers. Many providers have experimented with intercepting the response messages for non-existent domain names and replacing them with advertising content. Phishers can attack the servers that deliver the advertising and, using non-existent subdomains, display a phishing form instead of the advertising. Kaminsky demonstrated this by displaying Rickrolls in Facebook and PayPal. While the vulnerability initially stemmed from the Barefruit software used by Earthlink, Kaminsky was able to generalize the flaw and thereby attack Paxfire, the advertising provider used by Verizon.

Kaminsky went public with this vulnerability after it was reported that Network Solutions offers a service similar to Earthlink's.

Flaw in the Domain Name System

In July 2008, US-CERT announced that Kaminsky had discovered a fundamental flaw in the Domain Name System that would allow attackers to carry out cache poisoning attacks very easily against most name server implementations. Kaminsky had previously worked with developers of DNS software on a patch intended to make the vulnerability more difficult to exploit, which was published on 8 July 2008. The vulnerability itself was not fixed, because it is a design weakness: cache poisoning was not originally considered in the design of DNS.

Kaminsky had intended to wait until 30 days after the scheduled release of the patch before divulging details of the attack, but the information was leaked on 21 July 2008. The information was taken down immediately, but by that time quite a few websites had already set up a mirror.

The vulnerability received wide coverage, even outside the trade press. At the Black Hat 2008 conference, Kaminsky received the Pwnie Award for the "Most overhyped security vulnerability".

DNSSEC root key

Dan Kaminsky is one of seven people who hold a smart card for ICANN that gives access to a backup of the DNSSEC root key. If the hardware security modules holding the DNSSEC root keys fail, a backup can be decrypted using five of the seven smart cards.

Automatic detection of the Conficker Virus

On March 27, 2009, Kaminsky discovered that Conficker-infected computers have a detectable signature when they are scanned. Signature updates for network scanners such as Nmap and Nessus followed fairly quickly.

Weaknesses in the X.509 Internet infrastructure

In 2009, Kaminsky, in collaboration with Meredith L. Patterson and Len Sassaman, discovered many flaws in SSL, among them that Verisign used MD2 in one of its root certificates and that parsing errors made it possible to issue certificates that were not controlled.

"Zero For 0wned" attack

On July 28, 2009, Kaminsky and other security experts became victims of an attack by hackers who published private e-mails, passwords, chat logs, and other private information. The attack coincided with Kaminsky's participation in the Black Hat Briefings and DEF CON.

Phreebird Suite

At Black Hat Abu Dhabi, Kaminsky announced that he would publish Phreebird in version 1.0. This tool set is intended to make it easy to create digital signatures based on DNSSEC. Automatic key exchange is to be supported in upcoming versions. The additional tool Phreeload allows X.509 certificates in OpenSSL to be replaced by DNSSEC signatures.
