1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DNS flaw is much worse than first thought

Discussion in 'News' started by wagnerk, Aug 7, 2008.

  1. wagnerk
    Highly Decorated Member Award

    wagnerk aka kitkatninja Moderator

    10,831
    357
    341

    DNS flaw is much worse than first thought



    IN A TALK at the Black Hat conference in Las Vega on Wednesday, security researcher Dan Kaminsky said that the systemic Internet Domain Name System (DNS) vulnerability he discovered some months ago is much more dangerous than most have appreciated.

    "Every network is at risk," Kaminsky told the overflow crowd gathered for his presentation. "That's what this flaw has shown." He said that what little he'd initially revealed about the DNS vulnerability, and the later leak of more details about it, was only the tip of an iceberg that he called the worst Internet security risk to surface since 1997.

    The initial worry has been the danger that hackers could exploit the DNS cache poisoning vulnerability that Kaminsky found to hijack web browsers and route unsuspecting wibblers to malicious websites harboring phishing or malware attacks.

    To read the whole read, see here. This is to follow on from this news post.

    -Ken
     
    Certifications: CITP, PGCert, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: PGDip
porta2_tags:

Comments

    1. Crito
      Crito
      Hacker discovers "flaw" is just a common bug and fixes it by changing one character.
      http://it.slashdot.org/article.pl?no_d2=1&sid=08/08/29/127210

    2. hbroomhall
      hbroomhall
      There seems to be a lot of argument about this patch, as it changes the way BIND works.

      I'm not expert enough in BIND to have an informed view, but it seems to me from comments I've seen that not everyone agrees that this is a 'root cause' or even the 'right thing to do'.

      Harry.
    3. onoski
      onoski
      This has been discussed previously in another post started by Freddy and hence the end of it he has not signed into CF:) since then. Please, let it die, die:)

    Share This Page