is there a specific patch procedure or update lang? On Fri, Aug 8, 2008 at 11:59 AM, jan gestre <[EMAIL PROTECTED]> wrote:
> It is legit but it doesn't matter whether its legit or hyped, there's no > harm in patching/securing your DNS server, right? > > On Thu, Aug 7, 2008 at 6:28 PM, Gabriel H. Mercado <[EMAIL PROTECTED]>wrote: > >> Just wanted to poll a few reactions if any, to the latest security threat >> released (and averted). Article snippets: >> * >> **Web Doomsday Averted: Kaminsky* >> Security researcher Dan Kaminsky argues that the recent DNS vulnerability >> wasn't just hype: it could have destroyed the Web. >> >> LAS VEGAS -- The recent Domain Name System (define) caching flaw that had >> security experts scrambling to protect the Web wasn't just hype. The >> Internet as we know it was at risk, according to a security researcher Dan >> Kaminsky. >> >> During a discussion on front of a packed hall at the Black Hat conference >> today, Kaminsky detailed flaws in the system that translates domain names >> into IP addresses, which he's been trying to hide for the last thirty days. >> >> In a 70-minute session with over 50 slides, Kaminsky explained in >> excruciating detail the flaw in DNS and the myriad ways it could have been >> exploited to destroy the Internet as we know it. >> >> Explanation in a nutshell: >> >> Each DNS request is supposed to carry with it a random number transaction >> ID. But it turns out that the random number is only one out of 65,000 -- >> much more than was needed. This is what vendors have patched. >> >> >> Full article here: >> http://www.internetnews.com/infra/article.php/3763631/Web+Doomsday+Averted+Kaminsky.htm >> >> what do you think? >> >> Gary >> >> >> >> _________________________________________________ >> Philippine Linux Users' Group (PLUG) Mailing List >> http://lists.linux.org.ph/mailman/listinfo/plug >> Searchable Archives: http://archives.free.net.ph >> > > > > -- > http://jangestre.wordpress.com > > _________________________________________________ > Philippine Linux Users' Group (PLUG) Mailing List > http://lists.linux.org.ph/mailman/listinfo/plug > Searchable Archives: http://archives.free.net.ph > -- http://kikay.exchange.ph http://mom.exchange.ph http://basketball.exchange.ph http://linux.org.ph ======================= Make life easier for Webmasters! http://spreadfirefox.com/community/?q=user/register&r=137994
_________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
