Slashdot Mirror

← Back to Stories (view on slashdot.org)

DNS Cache Poisoning Update

Posted by Zonk on from the trustno1 dept.

dhammabum writes "Todays SANS internet storm handler has put up an excellent update of the DNS poisoning vulnerability currently doing the rounds. The main points are that only Windows DNS servers are vulnerable (degrees of vulnerability depending on patch level), provided you are not running an ancient version of bind. Also bind4 and bind8 do not clean poisoned caches if they receive them from a poisoned Windows DNS server but bind9 does."

9 of 199 comments (clear)

  1. Same article, 2010. by Silverlancer · · Score: 5, Funny

    The InfoCon is currently set at psychadelic purple-green in response to the realization that Windows is still insecure, even now that Longhorn has been out for nearly 3 years, and has reached service pack 23. We originally went to psychadelic purple-green because we were uncertain of the mechanisms that allowed seemingly "secure" systems to be vulnerable to this issue. Now, however, we know of the mechanisms--Microsoft still makes shitty products, and Windows is still buggy and vulnerable.

    In other news, water is wet.

    1. Re:Same article, 2010. by Silverlancer · · Score: 2, Funny

      more like sp1 m i rite?

      Holy shit, I think my head just exploded.

  2. Wow! by Anonymous Coward · · Score: 1, Funny

    Thanks for the update there, Zonk! MS DNS, BIND4 BIND8 are insecure.

    Who knew? Truly, "stuff that matters".

  3. How did I KNOW??!! by Sensible+Clod · · Score: 1, Funny

    Somehow, I just knew Windows was at the root of the whole thing...

    --

    The difference between spam and poop is that you don't have to dig through septic tanks looking for real food. -- Me
    1. Re:How did I KNOW??!! by Anonymous Coward · · Score: 1, Funny

      Somehow, I just knew Windows was at the root of the whole thing...

      Windows doesn't have root, it has "Administrator". Therefore, Windows was at the Administrator of the whole thing.

  4. Comcast Issues? by Bonzor · · Score: 1, Funny

    I wonder if this is the reason Comcast's DNS servers all took a gigantic shit yesterday.

  5. Comcast, last night all DNS servers down by Anonymous Coward · · Score: 1, Funny

    I was happly using my Dual 2 Ghz and 30" screen when all sorts of nasty things happened. Which is a rarity for us Mac users as you all know.

    1: Netstat hung process

    2: Mail hung

    3: Finder reboot wouldn't load menu bar

    Nothing worked until I actually changed my network settings, then everything cleared up. I jumped on my 56k and chatted with Comcast after waiting almost a hour.

    I simply said "What happened, something big?"

    Comcast: "Yes we know, all our DNS servers are down"

    http://homepage.mac.com/hogfish/PhotoAlbum2.html

  6. DNS poisoning? by Nom+du+Keyboard · · Score: 2, Funny

    DNS poisoning?
    What DNS poisoning?
    Isn't this www.NerdsMeetingExcitingGirlsOnLine.org?

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
  7. Re:Y'know, people keep telling me by pinkfalcon · · Score: 2, Funny


    Actually I am:

    - Uptime for myrouter.home.ericzeller.com -
    Now : 91 day(s), 13:18:11 running Linux 2.2.19pre13
    One : 413 day(s), 06:14:44 running Linux 2.2.19pre13, ended Wed Jan 5 21:32:40 2005
    Two : 377 day(s), 00:26:56 running Linux 2.2.19pre13, ended Sat Dec 14 13:26:46 2002
    Three: 117 day(s), 04:39:46 running Linux 2.2.19pre13, ended Thu Oct 2 17:42:38 2003

    --
    Real SUV's don't have cupholders
    It's 5:42 A.M., do you know where your stack pointer is?