DNS bug

Filed Under error 

Dan Kaminski discovered flaw in foundations of internet – DNS servers. Even he kept silence about the details exploit was published on internet. So if you want to be safe visit his blog to check your DNS servers.

Without them everyone should maintain theit own hosts name linking IP address and FQDN (fully qualified domain name such as “blog.hbcom.info” or “www.google.com”). For more information about DNS systrem check here.

There is a lot of discussions on internet. Just a sample of them:

http://addxorrol.blogspot.com

http://blogs.zdnet.com/security/?p=1546

http://rdist.root.org/2008/07/21/dns-novice-discovers-secret-flaw/

http://www.centos.org

and many more…

For me is unclear how this flaw affects the users behind caching only server. My understanding is that for cache to be poisoned it should accept the request first. So it could be done only from insiders. So majority of users are not affected. And the flaw affects more ISP’s and other similar setups.

Also we (users) should have more explanations since it seems that alll patches only randomize the source port of the request. If this is the solution there is no need to apply patch just change the configuration to randomize he ports.

Note: This is serious flaw and nothing could guaranteed.

Comments

One Response to “DNS bug”

  1. Hey! · on July 27th, 2008 12:19 pm

    […] News » News News DNS bug2008-07-27 11:19:33- DNS servers. Even he kept silence about the details exploit was published on […]

Leave a Reply