Mark Minasi's Reader Forum

Mark Minasi's Reader Forum

Username:	Password:
Save Password
Forgot your Password?

All Forums

Off Topic

Off Topic Banter

DNS Flaw

New Topic

Reply to Topic

Printer Friendly

Author

Topic

Nelman
Seasoned But Casual Onlooker

USA
85 Posts
Status: offline

Posted - 07/09/2008 : 1:44:37 PM

I don't know if this is the proper forum to post this, but I wasn't exactly sure which board to post on. If not, I apologize in advance.

I came across an article today from network world this morning discussing a recent DNS flaw:

(http://www.networkworld.com/news/2008/070808-dns-flaw-disrupts-internet.html?page=1).

Is this as big a deal as I imagine or is this just another one of those pesky patches? Seeing as it effects all aspects of internetworking, seems like big deal to me.

I would be curious to see what others think about this issue. Any takers?

Thanks!

Nelman

"Let me drop everything, and work on your problem..."

don2007
Honorable But Hopeless Addict

1529 Posts
Status: offline

Posted - 07/09/2008 : 3:06:00 PM

DNS poisoning is nothing new and it seems that Bind 9.0 doesn't solve the problem.

Quote from the article:

Both current and older versions of DNS may be vulnerable, Kaminsky says, and patches may not be available for older DNS software. He says Yahoo was vulnerable because it uses an older version of BIND but had committed to upgrading to BIND 9.0

The attack is explained at the site below. Just scroll down, don't click on read this paper.

http://www.trusteer.com/bind9dns

How do you know when a politician is lying? His mouth is moving.