Slashdot Mirror

← Back to Stories (view on slashdot.org)

"DNS Forgery Pharming" Attack Against BIND 9

Posted by kdawson on from the better-hope-sitekey-works dept.

Monley writes "Help Net Security is running a story about a severe flaw in BIND's implementation that allows fraudsters to efficiently predict generated random numbers without the need to control the route between the user and the DNS server. (Here are HTML and PDF versions of the paper.) Using this vulnerability, fraudsters can remotely forge DNS responses and direct users to fraudulent websites, which can steal the user's sign-in credentials and do other mischief. The flaw was discovered by security researcher and Trusteer's CTO, Amit Klein." The ISC has released a patch to BIND 9.

2 of 105 comments (clear)

  1. Come again? by Angst+Badger · · Score: 4, Insightful

    Since when is a severe flaw in BIND's implementation news?

    --
    Proud member of the Weirdo-American community.
  2. Re:Jeezus freaking A Christ by eggnet · · Score: 4, Insightful

    Probably because BIND has to be cross-platform. I'm sorry to break this to you Matt, but some people use inferior operating systems without good random number generation function. That doesn't prevent BIND from using superior OS provided services for platforms that do have good random number generators. They decided not to do it, plain and simple.