I don't think they are overblown at all, he found a flaw made sure it got reported correctly to a lot of vendors, got it coordinated for patches and then the details was released. There has been a rash of DNS exploits lately so it seems like a good target given its criticality to the Internet as a hole. He did it thoroughly and responsibly, which is proper ethical conduct.
Z Edward E. Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP,Security+,Network+,CCA Phone: 401-639-3505 ________________________________ From: David Lum [mailto:[EMAIL PROTECTED] Sent: Thursday, July 17, 2008 9:32 AM To: NT System Admin Issues Subject: Comments on the recent DNS Cache poisoning hoopla DNS flaws called overblown by researcher http://security.blogs.techtarget.com/2008/07/14/dns-flaws-called-overblo wn-by-researcher/ Anyone care to comment? I've read a lot about this DNS stuff and Dan Kaminsky's work...and of course, his comments here: http://www.doxpara.com/ Anyone here have anything to add? Dave Lum Systems Engineer " When you step on the brakes your life is in your foot's hands." ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
