Unit Instance
Units API.
See the Weblate's Web API documentation for detailed description of the API.
GET /api/units/35986/?format=api
{ "translation": "https://weblate.info.ucl.ac.be/api/translations/cnp3-ebook/protocolsdnssec/en/?format=api", "source": [ "Mallory has studied the DNS protocol and understands how it works. If he can predict a popular domain for which Alice will regularly send DNS requests, then he can prepare a set of DNS responses that map the name requested by Alice to an IP address controlled by Mallory instead of the legitimate DNS response. Each DNS response has a different `Identification`. Since there are only 65,536 values for the `Identification` field, it is possible for Mallory to send them to Alice hoping that one of them will be received while Alice is waiting for a DNS response with the same identifier. In the past, it was difficult to send 65,536 DNS responses quickly enough. However, with the high speed links that are available today, this is not an issue anymore. A second concern for Mallory is that he must be able to send the DNS responses as if they were coming directly from the DNS resolver. This implies that Mallory must be able to send IP packets that appear to originate from a different address. Although networks should be configured to prevent this type of attack, this is not always the case and there are networks where it is possible for a host to send packets with a different source IP address [#fspoof]_. If the attack targets a single end user, e.g. Alice, this is annoying for this user. However, if the attacker can target a DNS resolver that serves an entire company or an entire ISP, the impact of the attack can be much larger in particular if the injected DNS response carries a long TTL and thus resides in the resolver's cache for a long period of time." ], "previous_source": "", "target": [ "Mallory has studied the DNS protocol and understands how it works. If he can predict a popular domain for which Alice will regularly send DNS requests, then he can prepare a set of DNS responses that map the name requested by Alice to an IP address controlled by Mallory instead of the legitimate DNS response. Each DNS response has a different `Identification`. Since there are only 65,536 values for the `Identification` field, it is possible for Mallory to send them to Alice hoping that one of them will be received while Alice is waiting for a DNS response with the same identifier. In the past, it was difficult to send 65,536 DNS responses quickly enough. However, with the high speed links that are available today, this is not an issue anymore. A second concern for Mallory is that he must be able to send the DNS responses as if they were coming directly from the DNS resolver. This implies that Mallory must be able to send IP packets that appear to originate from a different address. Although networks should be configured to prevent this type of attack, this is not always the case and there are networks where it is possible for a host to send packets with a different source IP address [#fspoof]_. If the attack targets a single end user, e.g. Alice, this is annoying for this user. However, if the attacker can target a DNS resolver that serves an entire company or an entire ISP, the impact of the attack can be much larger in particular if the injected DNS response carries a long TTL and thus resides in the resolver's cache for a long period of time." ], "id_hash": -8479535126757566994, "content_hash": -8479535126757566994, "location": "../../protocols/dnssec.rst:62", "context": "", "note": "", "flags": "", "state": 100, "fuzzy": false, "translated": true, "approved": false, "position": 8, "has_suggestion": false, "has_comment": false, "has_failing_check": false, "num_words": 281, "source_unit": "https://weblate.info.ucl.ac.be/api/units/35986/?format=api", "priority": 100, "id": 35986, "web_url": "https://weblate.info.ucl.ac.be/translate/cnp3-ebook/protocolsdnssec/en/?checksum=a52a3ba8d2b15ee", "url": "https://weblate.info.ucl.ac.be/api/units/35986/?format=api", "explanation": "", "extra_flags": "", "pending": false, "timestamp": "2021-08-27T15:42:26.792414+02:00" }