| T O P I C R E V I E W |
| Nelman |
Posted - 07/09/2008 : 1:44:37 PM
I don't know if this is the proper forum to post this, but I wasn't exactly sure which board to post on. If not, I apologize in advance.
I came across an article today from network world this morning discussing a recent DNS flaw:
(http://www.networkworld.com/news/2008/070808-dns-flaw-disrupts-internet.html?page=1).
Is this as big a deal as I imagine or is this just another one of those pesky patches? Seeing as it effects all aspects of internetworking, seems like big deal to me.
I would be curious to see what others think about this issue. Any takers?
Thanks!
Nelman |
| 3 L A T E S T R E P L I E S (Newest First) |
| NSFEddie |
Posted - 07/11/2008 : 2:01:40 PM
Msft's link: http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx
Known issues: http://support.microsoft.com/kb/953230 |
| Doug G |
Posted - 07/09/2008 : 11:56:09 PM
http://www.kb.cert.org/vuls/id/800113 |
| don2007 |
Posted - 07/09/2008 : 3:06:00 PM
DNS poisoning is nothing new and it seems that Bind 9.0 doesn't solve the problem.
Quote from the article:
Both current and older versions of DNS may be vulnerable, Kaminsky says, and patches may not be available for older DNS software. He says Yahoo was vulnerable because it uses an older version of BIND but had committed to upgrading to BIND 9.0
The attack is explained at the site below. Just scroll down, don't click on read this paper.
http://www.trusteer.com/bind9dns
|
