greg hughes - dot net - DNS exploit now in the wild - 52% of DNS servers vulnerable today

Saturday, July 26, 2008

DNS exploit now in the wild - 52% of DNS servers vulnerable today

The DNS vulnerability discovered earlier this year by Dan Kaminsky, and recently patched by DNS software providers in an unprecedented cross-vendor cooperation, has graduated from vulnerability to exploit-in-the-wild.

According to Kaminsky, 52% of the DNS servers on the Internet are still vulnerable, better than the number of exploitable systems just a few weeks ago when the patches were released by all the vendors.

Kaminsky has written up a plain-language helper guide to explain the problem to non-technical (read: management and decision-making) people. There's also a Black Hat webcast with Kaminsky available where he details the vulnerability and discusses the fixes.

Read more at Ars Technica.

Add/Read: Comments [0]

IT Security | Tech

Saturday, July 26, 2008 12:38:05 PM (Pacific Daylight Time, UTC-07:00)

Referred by:
http://web.gougou.com/bfs?search=%6e%65%74%64%6e%73%2e%69%6e... [Referral]
net dns dot (www.google.pl) [Referral]
dns linkdot (www.beedly.us) [Referral]

Name
E-mail
Home page

	Remember Me
Comment (Some html is allowed: `a@href@title, b, blockquote@cite, em, i, strike, strong, sub, super, u`) where the @ means "attribute." For example, you can use <a href="" title=""> or <blockquote cite="Scott">.

Live Comment Preview

"Computers used to take up entire buildings, now they just take up our entire lives."

- Unknown

"So how do you know what is the right path to choose to get the result that you desire? And the honest answer is this... You won't. And accepting that greatly eases the anxiety of your life experience."

- Jon Stewart

"To try when it seems there is no hope is to risk failure. But to not try is to guarantee it."

- Anon

Syndication [XML] and .net Alerts

For lazy, highly-technical or enlightened people, get this site's content without the use of a web browser. I use FeedDemon for this, but you can choose your own.

Subscribe - click the icon for my feed

... or sign up for Microsoft Alerts to receive updates through your MSN Messenger, e-mail, or mobile device. Click the orange button thingie to sign up with your Passport account:

Contact

Drop me an email:

Send mail to the author(s)

Phone: 503-766-2258
Add me to MSN Messenger

Monthly Archive

November, 2008 (4)

October, 2008 (18)

September, 2008 (18)

August, 2008 (18)

July, 2008 (35)

June, 2008 (16)

April, 2008 (16)

March, 2008 (22)

February, 2008 (32)

January, 2008 (9)

December, 2007 (6)

November, 2007 (4)

October, 2007 (19)

September, 2007 (36)

August, 2007 (19)

July, 2007 (17)

June, 2007 (16)

April, 2007 (11)

March, 2007 (5)

February, 2007 (14)

January, 2007 (16)

December, 2006 (16)

November, 2006 (4)

October, 2006 (23)

September, 2006 (14)

August, 2006 (21)

July, 2006 (34)

June, 2006 (25)

April, 2006 (20)

March, 2006 (17)

February, 2006 (34)

January, 2006 (30)

December, 2005 (23)

November, 2005 (39)

October, 2005 (30)

September, 2005 (49)

August, 2005 (31)

July, 2005 (21)

June, 2005 (35)

April, 2005 (54)

March, 2005 (60)

February, 2005 (27)

January, 2005 (59)

December, 2004 (70)

November, 2004 (58)

October, 2004 (55)

September, 2004 (64)

August, 2004 (53)

July, 2004 (65)

June, 2004 (50)

April, 2004 (26)

March, 2004 (20)

February, 2004 (26)

January, 2004 (28)

December, 2003 (12)

October, 2003 (8)

September, 2003 (11)

August, 2003 (1)

On this page

Search and Translate this Site

Blog Posting Categories

Navigation Links

About Greg Hughes

Archive of all entries

Privacy Policy - greghughes.net

Greg's aviation blog

Alltop - Windows

This blog is featured on...

Blogroll

Alex is a former coworker who blogs about a variety of IT-related topics.

Brent is a cool dude and a great QA guy that I used to work with. His blog is, appropriately, focused on QA and testing technology.

Chris was formerly my boss at work and is an avid board gamer and photographer. He always has some new info about top-notch board games you may have never heard of, so if you're into them, you should check out this blog.

Lockergnome by trade, Chris is always up to something new. If you are not familiar with the Lockergnome newsletters, be sure to check them out, too.

Matthew Lapworth

Matt's a software developer and friend. He seems to enjoy extreme sports. That's fine as long as he doesn't, like, die or something.

Milind writes about all sorts of interesting stuff. We worked toegther for eight years, and he worked at our employer longer than I, which pretty much makes him old as dirt in company time. :)

MSFT Security Bulletins [RSS]

RSS feed for all Microsoft security bulletins provides an always-up-to-date list of updates along with complete descriptions of each.

Rory Blyth is one of the funniest and most thought-provoking bloggers I read. And I blame him for everything. Literally.

Scott Adams' Dilbert Blog

Scott Adams is the creator of Dilbert, and his blog is an incredibly smart, clever and often funny (sometimes very serious) look at the world. Everyone should read this blog.

Scott Hanselman

Scott's computerzen blog is a popular spot for all things .NET and innovative. I used to work with him, but then he went off to Microsoft. He's one of the smartest guys I know, and arguably the best technical presenter around.

Sign In

Who Links Here

Total Posts: 1782
This Year: 202
This Month: 4
This Week: 2
Comments: 2915