Web Hosting News

  Home arrow Web Hosting News arrow Page 3 - DNS Flaw Causes Global Panic
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

DNS Flaw Causes Global Panic
By: Michael Lowry
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 1

    Table of Contents:
  • DNS Flaw Causes Global Panic
  • Flaw Exposed
  • Patch Now!
  • What Now?

  • Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article




    DNS Flaw Causes Global Panic - Patch Now!

    (Page 3 of 4 )

    When the DNS is trying to answer a request, it sends the request to different servers until it can find the pertaining location. Each server is called an “in-bailiwick” and its job is to either send the information back or pass it on to the next server. Prior to this flaw, the bad guy would attack the original address and attempt to guess the right authentication code before it's given the correct information. Now, they also attack the in-bailiwick servers and feed them false information, which is then provided to the original address and cached so it doesn't have to look up the information again.

    This is what Kaminsky and company were up against. It's up to the vendors to deploy the patch and update their servers. Apple was especially admonished for its late response. They use quite a bit of open source code in their operating systems and rely on BIND, which is developed by ISC and is the most commonly used DNS server on the Internet. ISC patched BIND on July 8, but it took Apple until August 1 to patch their OS X operating system, which they called iPatch...just kidding. But everything should be okay now, right? Not quite.

    According to Swa Frantzen of SANS Internet Storm Center, Apple's patch didn't go far enough. “Apple might have fixed some of the more important parts for servers, but is far from done yet as all the clients linked against a DNS client library still need to get the workaround for the protocol weakness,” Frantzen said. Apparently, BIND for OS X was predictably incrementing the ports it uses to communicate DNS information. Score one for PC.

    And in a comical display of coincidence, it was reported that HD Moore, the creator of the Metasploit hacking toolkit, was the victim of a cache poisoning attack. One of AT&T's DNS cache servers in the Austin, Texas region was attacked and the cache entry for www.google.com was replaced with a fake page being run by a scammer.

    “The attack itself was not malicious, did not load malware, and from an operational standpoint, had zero impact,” Moore said. Even though the comeuppance was minimal, it's encouraging to see karma somewhere other than a mediocre television sitcom. Score one for everybody.

    More Web Hosting News Articles
    More By Michael Lowry


    - FreedomPop Offering Open Wi-Fi Service
    - Go Daddy Goes to India
    - Netelligent, Savvis Add New Canadian Web Hos...
    - World IPv6 Launch Happens Today
    - IT Teams Struggle to Keep Pace with Malware
    - Lulz Security Hacks CIA, Takes Requests
    - Apple Unveils iCloud
    - Rackspace Introduces Cloud Load Balancers
    - Amazon Offers Cloud Drive, Disses Music Indu...
    - New Android.Pjapps Trojan
    - Copyright Fight over Hurt Locker Downloads I...
    - Data Reveals Many Browsers Remain Unpatched
    - PandaLabs Report - What Happens to Stolen In...
    - Safari Books Online Review
    - Hackers Targeting Human Rights Groups

    Developer Shed Affiliates


    © 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap