DNS Exploit Means Quick Patches Are Critical

July 25th, 2008 | Category: Tech Talk

Researchers have released software that exploits the recently leaked flaw in the Internet’s Domain Name System (DNS) software. That may mean IT admins are in for a lengthy weekend of implementing and checking the patch.

IOActive researcher Dan Kaminsky discovered the bug earlier that month. The attack cipher was released Wednesday by developers of the Metasploit hacking toolkit, headed by the infamous HD Moore.

By exploiting that vulnerability, an attacker can redirect an ISP’s users to a malicious phishing

server every day they try to visit a valid Web site. The patches released through various vendors should protect from the threat, but it may be a rush for some.


Understanding the Root of the Threat

The threat emerges from two different issues with the DNS protocol, according to McAfee Avert Labs. DNS primarily uses UDP packets to send questions and receive answers. The client will accept any packet as […]

Orginal post by Top Tech News

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Netvouz
  • DZone
  • ThisNext
  • MisterWong
  • Wists
Related Articles
  • Patch Tuesday Plugs 12 Holes in Microsoft Office
  • Monster Patch Tuesday Covers 17 Vulnerabilities
  • Faster Attacks Break DNS Patches in Under 10 Hours
  • Microsoft Partners Will Get Advance Patch Tuesday Info
  • Digging deeper in January protection Patches
  • Patch Tuesday Vulnerabilities Include Two Key Servers
  • Patch Tuesday Includes Wireless Vulnerability
  • Microsoft Patches Critical Windows TCP Flaw
  • June Patch Tuesday Addresses Bluetooth, Kill Bit
  • Patch Tuesday Addresses Eight Critical Vulnerabilities

    • No comments yet. Be the first.

    Leave a reply