Just wanted to poll a few reactions if any, to the latest security threat released (and averted). Article snippets: * **Web Doomsday Averted: Kaminsky* Security researcher Dan Kaminsky argues that the recent DNS vulnerability wasn't just hype: it could have destroyed the Web.
LAS VEGAS -- The recent Domain Name System (define) caching flaw that had security experts scrambling to protect the Web wasn't just hype. The Internet as we know it was at risk, according to a security researcher Dan Kaminsky. During a discussion on front of a packed hall at the Black Hat conference today, Kaminsky detailed flaws in the system that translates domain names into IP addresses, which he's been trying to hide for the last thirty days. In a 70-minute session with over 50 slides, Kaminsky explained in excruciating detail the flaw in DNS and the myriad ways it could have been exploited to destroy the Internet as we know it. Explanation in a nutshell: Each DNS request is supposed to carry with it a random number transaction ID. But it turns out that the random number is only one out of 65,000 -- much more than was needed. This is what vendors have patched. Full article here: http://www.internetnews.com/infra/article.php/3763631/Web+Doomsday+Averted+Kaminsky.htm what do you think? Gary
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
