One of Boston.com's pop-up advertisers is currently redirecting to a download. Is it the DNS exploit in action? I dunno, but the timing is impeccable - and is exactly what I have been expecting to see.
On Thu, Jul 10, 2008 at 12:44 PM, Micheal Espinola Jr <[EMAIL PROTECTED]> wrote: > Don't just hope. Bring it up as an issue with them. > > On Thu, Jul 10, 2008 at 10:25 AM, Joe Heaton <[EMAIL PROTECTED]> wrote: >> Well, I used the tool that was referenced on the site below, and it >> seems my upstream name server is susceptible to this problem, so >> hopefully they will be patching too. I have already patched my DNS >> server, and I'm working on the client side patch now... >> >> Joe Heaton >> -----Original Message----- >> From: Ken Schaefer [mailto:[EMAIL PROTECTED] >> Sent: Wednesday, July 09, 2008 6:58 PM >> To: NT System Admin Issues >> Subject: RE: Major DNS protocol issue effecting most implementations of >> DNS >> >> And what if the cache of your upstream is a victim of this attack? :-) >> >> So, yes, internally you probably don't have much to fear (unless you >> have a malicious employee, or someone else has already come in via some >> other means and this is a second part of an attack). But you either need >> to refer back to root servers or upstream DNS servers for other zones, >> and it's possible that they might be compromised (well, probably not the >> root servers) >> >> Cheers >> Ken >> >>> -----Original Message----- >>> From: Joe Heaton [mailto:[EMAIL PROTECTED] >>> Sent: Thursday, 10 July 2008 2:04 AM >>> To: NT System Admin Issues >>> Subject: RE: Major DNS protocol issue effecting most implementations >> of DNS >>> >>> So this is pointed more at public name servers, right? Not internal >>> DNS? I do our internal stuff, but forward everything else to our >> "ISP", >>> which is another state agency. >>> >>> Joe Heaton >>> >>> -----Original Message----- >>> From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] >>> Sent: Wednesday, July 09, 2008 8:33 AM >>> To: NT System Admin Issues >>> Subject: Re: Major DNS protocol issue effecting most implementations >> of >>> DNS >>> >>> This blog has a good overview and some relevant info in the comments >>> (a lot of bs in there too though): >>> >>> >> <http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issu >>> e-in-dns-massive-multivendor-patch-released/> >>> >>> On Wed, Jul 9, 2008 at 11:23 AM, Micheal Espinola Jr >>> <[EMAIL PROTECTED]> wrote: >>> > Affected systems include both client and server systems [that >>> > implement DNS caching and stub resolution], and any other networked >>> > systems that include this functionality. >>> > >>> > * US-CERT (TA08-190B) Multiple DNS implementations vulnerable to >> cache >>> > poisoning - >>> > <http://www.us-cert.gov/cas/techalerts/TA08-190B.html> >>> > * Microsoft Security Bulletin MS08-037 - >>> > >>> <http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx> >>> > >>> > -- >>> > ME2 >>> > >>> > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >>> > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >>> > >>> >>> >>> >>> >>> -- >>> ME2 >>> >>> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >>> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >>> >>> No virus found in this incoming message. >>> Checked by AVG. >>> Version: 8.0.101 / Virus Database: 270.4.6/1540 - Release Date: >> 7/8/2008 >>> 6:33 AM >>> >>> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >>> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> >> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> >> No virus found in this incoming message. >> Checked by AVG - http://www.avg.com >> Version: 8.0.138 / Virus Database: 270.4.7/1542 - Release Date: 7/9/2008 >> 6:50 AM >> >> ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ >> ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ >> > > > > > -- > ME2 > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > -- ME2 ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
