
DNS patching during the critical time from July 7th, 2008 to August 3rd, 2008:

http://www.youtube.com/watch?v=Ff5WBDOwueI

Dan Kaminsky on the DNS Bug of 2008

http://www.youtube.com/watch?v=B0dHDD9fFM4&NR=1

DNS ATTACK! Hackers move first in this war game of chess. We failed to hear the warning of Dan Kaminsky, but OpenDNS and BIND, and don't forget the smart ISPs that took the FREE patch, won the battle, or at least stood up to it, and the ISPs' customers never knew what happened. They triumphed.

"The exploit required sending more than 130 thousand requests for fake records like 131737-4795-15081.blah.com to be able to match the port and ID and insert a poisoned entry for poisoned_dns.blah.com.

BIND used a fully randomized source port range, i.e. around 64000 ports. Two attacking servers, connected to the attacked one via a GigE link, were used; each one attacked 1-2 ports with the full ID range. Usually an attacking server is able to send about 40-50 thousand fake replies before the remote server returns the correct one, so if the port was matched the probability of successful poisoning is more than 60%.

The attack took about half a day, i.e. a bit less than 10 hours.
So, if you have a GigE LAN, any trojaned machine can poison your DNS during one night…" - tservice.net.ru
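To see what the figures in that quote mean, here is a small cost model of the poisoning race, added here as a worked example; it is not code from this post or from the tservice.net.ru experiment. It assumes the standard 16-bit DNS transaction ID, a resolver that draws its source port uniformly from the quoted 64000-port range, and that every forged reply in a burst guesses a distinct (port, ID) pair; the burst size (45000, the middle of the quoted 40-50 thousand) and the port count are taken from the quote, while the Monte Carlo trial count and seed are my own.

```python
"""Cost model for the 2008 Kaminsky-style DNS cache-poisoning race.

Added worked example: not code from the original post or from the
tservice.net.ru experiment it quotes. Model assumptions are marked below.
"""
import random

TXID_SPACE = 65536  # 16-bit DNS transaction ID (standard; not taken from the page)


def per_query_success(fake_replies, ports, txids=TXID_SPACE):
    """Chance that one forged-reply burst hits the resolver's (port, txid).

    Each query for a fresh random name (e.g. 131737-4795-15081.blah.com)
    forces an upstream lookup and gives the attacker one race: it can send
    `fake_replies` forged answers before the real one arrives.  Assumption:
    every forged reply guesses a distinct (port, txid) pair and the resolver
    chooses its pair uniformly, so the hit chance is the fraction of the
    ports x txids space that the burst covers (capped at 1).
    """
    return min(1.0, fake_replies / (ports * txids))


def expected_queries(fake_replies, ports, txids=TXID_SPACE):
    """Expected number of races (queries) until the first poisoned entry lands."""
    return 1.0 / per_query_success(fake_replies, ports, txids)


def poisoned_within(queries, fake_replies, ports, txids=TXID_SPACE):
    """Probability that the cache is poisoned after `queries` independent races."""
    p = per_query_success(fake_replies, ports, txids)
    return 1.0 - (1.0 - p) ** queries


def simulate_mean_queries(fake_replies, ports, txids=TXID_SPACE, trials=2000, seed=2008):
    """Monte Carlo check of expected_queries (trial count and seed are arbitrary).

    The resolver draws a fresh (port, txid) per query; the attacker's burst
    covers the first `fake_replies` pairs of the flattened port*txid space,
    which against a uniform target is as good as any other fixed guess set.
    """
    rng = random.Random(seed)
    total_races = 0
    for _ in range(trials):
        races = 0
        while True:
            races += 1
            port = rng.randrange(ports)
            txid = rng.randrange(txids)
            if port * txids + txid < fake_replies:  # burst covered the real pair
                break
        total_races += races
    return total_races / trials


if __name__ == "__main__":
    # Figures from the quote: ~64000 source ports, 40-50 thousand fake
    # replies per server per race, two attacking servers on GigE.
    burst_per_server = 45000
    for label, ports, burst in [
        ("fixed source port (pre-patch)", 1, burst_per_server),
        ("64000 random ports, one attacker", 64000, burst_per_server),
        ("64000 random ports, two attackers", 64000, 2 * burst_per_server),
    ]:
        print(f"{label}: p={per_query_success(burst, ports):.2e} "
              f"expected queries={expected_queries(burst, ports):,.0f}")
    print(f"P(poisoned within 130k queries, two attackers) = "
          f"{poisoned_within(130_000, 2 * burst_per_server, 64000):.2f}")
```

With a fixed source port the model poisons the cache in about 1.5 queries (the quote's "more than 60%" per race is exactly 45000/65536). Randomizing over 64000 ports multiplies the attacker's expected work by roughly 32,000, to about 47,000 races for two GigE attackers or 93,000 for one; the quoted run of ~130 thousand requests sits on the unlucky side of that geometric distribution (two attackers should succeed within 130k races about 94% of the time) but is the same order of magnitude. That is the point of the quote: port randomization turned seconds into hours, which is still one night for a trojaned host on a GigE LAN.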

If you want more info, listen to Steve Gibson talk about it in Security Now! Episode #157. DON'T FORGET TO READ MY POSTS "Test your DNS NOW!!!" and "DNS Servers, The ISP Will not update!" for more info.
