TXTing 101

Der Toorn, Olivier van; van Rijswijk‑Deij, Roland; Fiebig, T.; Lindorfer, Martina; Sperotto, Anna

TXTing 101

Finding Security Issues in the Long Tail of DNS TXT Records

Conference paper (2020)

Authors

Olivier van Der Toorn University of Twente

Roland van Rijswijk‑Deij University of Twente

T. Fiebig

Martina Lindorfer Technische Universität Wien

Anna Sperotto University of Twente

Security Measurement DNS Classification

To reference this document use:

http://resolver.tudelft.nl/uuid:21171784-cc33-4dc2-95bb-a3e91bf73c7b

More Info

expand_more

Published Date

2020

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

The DNS TXT resource record is the one with the most flexibility for its contents, as it is a largely unstructured. Although it might be the ideal basis for storing any form of text-based information, it also poses a security threat, as TXT records can also be used for malicious and unintended practices. Yet, TXT records are often overlooked in security research. In this paper, we present the first structured study of the uses of TXT records, with a specific focus on security implications. We are able to classify over 99.54% of all TXT records in our dataset, finding security issues including accidentally published private keys and exploit delivery attempts. We also report on our lessons learned during our large-scale, systematic analysis of TXT records.

Files

09229819.pdf

(pdf | 0.95 Mb)

Unknown license

Download not available