Anyone was open to this attack as long as they used DNS as it as designed. Ill requote from the original article. "Earlier this year, professional security research Dan Kaminsky discovered a major issue in how Internet addresses are managed (Domain Name System, or DNS). This issue was in the design of DNS and not limited to any single product."
-----Original Message----- From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] Sent: Thursday, July 10, 2008 11:48 AM To: NT System Admin Issues Subject: Re: Major DNS protocol issue effecting most implementations of DNS I meant to add: In the meantime, I would discontinue using them for DNS. Do it yourself or use OpenDNS. OpenDNS was never vulnerable to this attack vector: http://blog.opendns.com/2008/07/08/opendns-keeping-you-safe/ But, remember that this effects clients too. On Thu, Jul 10, 2008 at 12:44 PM, Micheal Espinola Jr <[EMAIL PROTECTED]> wrote: > Don't just hope. Bring it up as an issue with them. > > On Thu, Jul 10, 2008 at 10:25 AM, Joe Heaton <[EMAIL PROTECTED]> wrote: >> Well, I used the tool that was referenced on the site below, and it >> seems my upstream name server is susceptible to this problem, so >> hopefully they will be patching too. I have already patched my DNS >> server, and I'm working on the client side patch now... >> >> Joe Heaton >> -----Original Message----- >> From: Ken Schaefer [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, July 09, 2008 6:58 PM >> To: NT System Admin Issues >> Subject: RE: Major DNS protocol issue effecting most implementations of >> DNS >> >> And what if the cache of your upstream is a victim of this attack? :-) >> >> So, yes, internally you probably don't have much to fear (unless you >> have a malicious employee, or someone else has already come in via some >> other means and this is a second part of an attack). But you either need >> to refer back to root servers or upstream DNS servers for other zones, >> and it's possible that they might be compromised (well, probably not the >> root servers) >> >> Cheers >> Ken >> >>> -----Original Message----- >>> From: Joe Heaton [mailto:[EMAIL PROTECTED] >>> Sent: Thursday, 10 July 2008 2:04 AM >>> To: NT System Admin Issues >>> Subject: RE: Major DNS protocol issue effecting most implementations >> of DNS >>> >>> So this is pointed more at public name servers, right? Not internal >>> DNS? I do our internal stuff, but forward everything else to our >> "ISP", >>> which is another state agency. >>> >>> Joe Heaton >>> >>> -----Original Message----- >>> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] >>> Sent: Wednesday, July 09, 2008 8:33 AM >>> To: NT System Admin Issues >>> Subject: Re: Major DNS protocol issue effecting most implementations >> of >>> DNS >>> >>> This blog has a good overview and some relevant info in the comments >>> (a lot of bs in there too though): >>> >>> >> <http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issu >>> e-in-dns-massive-multivendor-patch-released/> >>> >>> On Wed, Jul 9, 2008 at 11:23 AM, Micheal Espinola Jr >>> <[EMAIL PROTECTED]> wrote: >>> > Affected systems include both client and server systems [that >>> > implement DNS caching and stub resolution], and any other networked >>> > systems that include this functionality. >>> > >>> > * US-CERT (TA08-190B) Multiple DNS implementations vulnerable to >> cache >>> > poisoning - >>> > <http://www.us-cert.gov/cas/techalerts/TA08-190B.html> >>> > * Microsoft Security Bulletin MS08-037 - >>> > >>> <http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx> >>> > >>> > -- >>> > ME2 >>> > >>> > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >>> > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >>> > >>> >>> >>> >>> >>> -- >>> ME2 >>> >>> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >>> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >>> >>> No virus found in this incoming message. >>> Checked by AVG. >>> Version: 8.0.101 / Virus Database: 270.4.6/1540 - Release Date: >> 7/8/2008 >>> 6:33 AM >>> >>> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >>> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> >> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> >> No virus found in this incoming message. >> Checked by AVG - http://www.avg.com >> Version: 8.0.138 / Virus Database: 270.4.7/1542 - Release Date: 7/9/2008 >> 6:50 AM >> >> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> > > > > > -- > ME2 > -- ME2 ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
