Skip navigation

Tag Archives: DNS ATTACK!!!!!!!

DNS patching during the critical time from July 7th, 2008 to August 3rd, 2008:

http://www.youtube.com/watch?v=Ff5WBDOwueI

Dan Kaminsky on the DNS Bug of 2008

http://www.youtube.com/watch?v=B0dHDD9fFM4&NR=1

DNS ATTACK!!!!!!! Hackers move first, in this war game of chess, We failed to hear the warning of Dan Kaminsky, but OpenDNS and BIND and don’t forget the smart ISP’s that took the FREE patch won the battle well stood up atleast and the customers of the ISP’s never knew what happned…Triumphed.

Exploit required to send more than 130 thousand of requests for the fake records like 131737-4795-15081.blah.com to be able to match port and ID and insert poisoned entry for the poisoned_dns.blah.com.”

“BIND used fully randomized source port range, i.e. around 64000 ports. Two attacking servers, connected to the attacked one via GigE link, were used, each one attacked 1-2 ports with full ID range. Usually attacking server is able to send about 40-50 thousands fake replies before remote server returns the correct one, so if port was matched probability of the successful poisoning is more than 60%.

Attack took about half of the day, i.e. a bit less than 10 hours.
So, if you have a GigE lan, any trojaned machine can poison your DNS during one night…” -tservice.net.ru

If you want more info listen to Steve Gibson talk about it in episode Security Now! Episode #157. DON’T FORGET TO READ MY POST ON Test your DNS NOW!!! and DNS Servers, The ISP Will not update!. For MORE INFO.

Advertisements