Patrick O'Keefe wrote:
I thought this newly surfaced vulnerability was based on "I don't
know, but he knows something that's close" processing - something
I'd never heard of before this past weekend.
In any case it sounds like the vulnerability is not due to a bug
but due to the DNS architecture. I can't imagine what the "fix"
is unless it is disabling the "in-bailiwick" processing.
IIUC, the fix randomizes the DNS source port and transaction ids. Dan
Kaminsky is supposed to give full details at Black Hat in a couple of days.
--
Edward E Jaffe
Phoenix Software International, Inc
5200 W Century Blvd, Suite 800
Los Angeles, CA 90045
310-338-0400 x318
[EMAIL PROTECTED]
http://www.phoenixsoftware.com/
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
