If you have not done so, patch your DNS servers now.

Forum Moderators: phranque

Message Too Old, No Replies

If you have not done so, patch your DNS servers now.

The urgency of patching recursive DNS servers just increased significantly

Commerce

3:06 pm on Jul 22, 2008 (gmt 0)

It seems that Dan Kaminsky will be doing a presentation at an upcoming Blackhat meeting.

An article on this is found at SANS.Org -
[isc.sans.org...]
"an upgrade or patch of all recursive DNS servers is what's really needed at this point."

The message, if you have not done so already, you will want to make sure any and all recursive DNS servers under your control have been patched to avoid a problem with cache poisoning.

An earlier thread here at WebMasterWorld from July 8th offers awareness information about the problem and some other resources you can check out -
[webmasterworld.com...]

-Commerce

Commerce

3:36 am on Jul 23, 2008 (gmt 0)

Update from: Infoblox
[infoblox.com...]

"Where can I find details of this exploit?
Details of this new vulnerability have not been released yet to allow for administrators to patch their servers before the technique becomes well known to attackers. However, an exploit has now been released into the wild."

-Commerce