Thursday, July 24, 2008

DNS Cache Poisoning Exploit Made Public

If there ever was a h@x0r equivalent of a WMD, this is it. A means of exploiting a weakness that is present in every standard implementation of DNS was discovered a while back, and now it has been made public. More details on the specifics behind the vulnerability here. This thing's got all the white hats scrambling. I haven't seen this sort of seriousness coming from security researchers in, well, ever. If you haven't heard about this yet, well, here it is; better get patching before all your passwords get jacked and Google redirects to equestrian imagery of an explicit nature.

Edit: Shit. This was like two days ago. Better late than never, I suppose.

3 comments:

Jay Buchanan said...

I'll get right on patching the many, many DNS servers that I run from my old laptop. Thanks for the warning.

Brian Thompson said...

I heard about this on This Week in Tech two weeks ago. Basically they keep their ports cycling in a simple linear order; if they just randomize it, then it will be fixed.

I believe this has long since been patched on the major global servers.

The real threat in my mind is someone getting a regional ISP that isn't so secure and setting up their own bankofamerica.com to get everyone's login info.
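A resolver operator can check for the port behavior described in the comment above by looking at the UDP source ports of the resolver's successive outbound queries. The following is an added example, not part of the original post or its comments; the function name, the thresholds and the sample port lists are assumptions constructed for illustration.

```python
import statistics

def classify_source_ports(ports, max_step=16, min_stdev=3000):
    """Classify source ports observed on a resolver's successive outbound queries.

    ports     -- ports in the order the queries were sent (e.g. read from a capture)
    max_step  -- assumed: largest forward step still treated as "linear cycling"
    min_stdev -- assumed: spread below this means few candidate ports to guess
    """
    if len(ports) < 5:
        raise ValueError("need at least 5 observations")
    if len(set(ports)) == 1:
        return "fixed"            # every query leaves from the same port
    # Forward distance between consecutive ports, modulo the 16-bit port space
    steps = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    small = sum(1 for s in steps if 0 < s <= max_step)
    if small >= 0.9 * len(steps):
        return "sequential"       # ports cycle in a simple linear order
    if statistics.pstdev(ports) < min_stdev:
        return "narrow"           # varies, but only inside a small window
    return "randomized"

# Constructed sample observations (not real capture data)
FIXED = [53] * 12
SEQUENTIAL = [32768 + i for i in range(20)]
NARROW = [1030, 1050, 1027, 1090, 1041, 1066, 1033, 1080]
RANDOMIZED = [51234, 1099, 40412, 23817, 60021, 9154,
              33670, 47805, 15230, 58011, 2745, 29988]

if __name__ == "__main__":
    for name, sample in [("fixed", FIXED), ("sequential", SEQUENTIAL),
                         ("narrow", NARROW), ("randomized", RANDOMIZED)]:
        print(f"{name:>10} sample -> {classify_source_ports(sample)}")
```

A result other than "randomized" on a recursive resolver indicates it still needs the patch, or that a NAT device in front of it is rewriting the source ports.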

Epi said...

Well, don't forget every persocom out there caches DNS as well. Actually, there are two exploits now; the other one was recently discovered, and both were publicized on the 22nd in a highly controversial leak.