Slashdot Mirror


Kaminsky's DNS Attack Disclosed, Then Pulled

An anonymous reader writes "Reverse engineering expert Halvar Flake has recently mused on Dan Kaminsky's DNS vulnerability. Apparently his musings were close enough to the mark to cause one of the Matasano team, who apparently already knew of the attack, to publish the details on the Matasano blog in a post entitled 'Reliable DNS Forgery in 2008.' The blog post has since been pulled, but evidence of it exists on Google and elsewhere. It appears only a matter of time now before the full details leak." Reader Time out contributes a link to coverage on ZDNet as well.

18 of 281 comments

  1. Re:The push for DNSSec by dintech · · Score: 4, Funny

    Fame? Notoriety? Unstoppable attractiveness to women?

  2. I've been deeply worried by smittyoneeach · · Score: 3, Funny

    ...about these Monsanto DNA attacks for some time...

    --
    Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
  3. A: Because it breaks the flow of a message by DNS-and-BIND · · Score: 5, Funny

    Q: Why is starting a post in the Subject: line annoying?

    --
    Shutting down free speech with violence isn't fighting fascism. It IS fascism!
  4. Re:Here's the whole post by davester666 · · Score: 3, Funny

    From reading the f'ing article, I now know that I should never try to resolve WWW.VICTIM.COM.

    --
    Sleep your way to a whiter smile...date a dentist!
  5. Actually by krkhan · · Score: 2, Funny

    Well, as soon as he had posted that thing he got a Cease & Desist letter from MPAA for disclosing the intellectual property of Wachowski Brothers for The Matrix: Rebuttal. The movie was supposed to answer all the questions pertaining to the first movie and this attack was the secret way that Zion crafts used to hack into the Core. Of course, the Core refused to get its DNS servers patched because they didn't need anyone's help.

  6. Re:The push for DNSSec by snowgirl · · Score: 5, Funny

    Fame? Notoriety? Unstoppable attractiveness to women?

    Hey, you all are laughing now, but I tell you, there's a whole throng of us women just waiting for the right guy to secure our DNS!

    --
    WARNING! This girl exceeds the MAXIMUM SAFE standards established by the FDA for BRATTINESS
  7. That's it by krkhan · · Score: 4, Funny

    I've had enough. From now on, /. isn't /. for me. It's 216.34.181.45. I'm updating all my bookmarks. Wait, why is it redirecting? I have a bad feeling about this. Itsatrick.

  8. Re:The push for DNSSec by geekgirlandrea · · Score: 5, Funny

    Whereas us lesbians can secure our own DNS just fine, but would still prefer to have some nice girl do it for us. :)

  9. Re:The push for DNSSec by Yeff · · Score: 5, Funny

    Hottest. Slashdot Thread. Ever!

    --
    "Freedom Through Vigilance"
  10. Hottest? by Rudd-O · · Score: 5, Funny

    This is sad.

    --
    Rudd-O - http://rudd-o.com/
    1. Re:Hottest? by Antique+Geekmeister · · Score: 4, Funny

      What's wrong? Doesn't your NNTP server carry alt.sex.bindage anymore?

    2. Re:Hottest? by kpainter · · Score: 4, Funny

      I suspect a lot of Slashdotters have their sexual *ahem* attentions redirected to 127.0.0.1

  11. Re:The push for DNSSec by Element119 · · Score: 4, Funny

    If only I were a female, I'd be a lesbian for sure.

  12. Re:No details? by NickFitz · · Score: 4, Funny

    ... it ended up with a 404 page. I thought it was a blip on their server, but now I see they retracted the post.

    They fail. If they've removed it with no intention of making it available again it should be 410 Gone, not 404 Not Found. Am I the only person who reads the HTTP spec? It's not exactly hard to understand...

    --
    Using HTML in email is like putting sound effects on your phone calls. Just say <strong>no</strong>.
  13. Re:The push for DNSSec by Anonymous Coward · · Score: 4, Funny

    hope I didn't kill anyone's chubber

    On the contrary...

  14. Re:No details? by Alsee · · Score: 3, Funny

    Actually you have the answer within your own post. As you said "If they've removed it with no intention of making it available again". According to the spec "If the server does not know, or has no facility to determine, whether or not the condition is permanent, the status code 404 (Not Found) SHOULD be used instead." It is quite possible that the page was only taken down temporarily, with the intent to restore it on the official disclosure date. So use of code 410 would be in violation of the spec, and 404 is the proper reply code.

    Tag: geek humor

    -

    --
    - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
  15. Re:The push for DNSSec by Anonymous Coward · · Score: 1, Funny

    I'm pretty sure the parent actually masturbated after posting.

  16. Re:The push for DNSSec by snowgirl · · Score: 2, Funny

    Sorry, but I'm wearing the HTTP panties "403 Forbidden" :) My ports are closed until you can find the right sized diamond to activate my modules...

    God, I just gave up on that last word, and it still ended up being a sexual innuendo...

    --
    WARNING! This girl exceeds the MAXIMUM SAFE standards established by the FDA for BRATTINESS