FUD? Fear, uncertainty and doubt? Why would these guys gain from spreading that?
To the original poster, the vulnerability appears to be that cache poisoning can occur. If your own DNS servers can not be accessed by malicious users, then I think you're safe for the time being, but of course any upstream DNS server might not be safe... There are reports on /. of the BIND patches having a significant performance impact. But I haven't seen any issues yet with the MS patch. Cheers Ken From: Steve Moffat [mailto:[EMAIL PROTECTED] On Behalf Of NTSysAdmin Sent: Wednesday, 9 July 2008 8:34 PM To: NT System Admin Issues Subject: RE: DNS flaw plugged by vendors FUD S From: James Rankin [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 09, 2008 4:31 AM To: NT System Admin Issues Subject: DNS flaw plugged by vendors http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/ Is anyone taking any remedial action about this out-of-band? It seems to be presented as quite threatening... ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
