Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kaminsky's DNS Attack Disclosed, Then Pulled

Posted by Soulskill on from the can-of-worms dept.

An anonymous reader writes "Reverse engineering expert Halver Flake has recently mused on Dan Kaminsky's DNS vulnerability. Apparently his musings were close enough to the mark to cause one of the Matasano team, who apparently already knew of the attack, to publish the details on the Matasano blog in a post entitled 'Reliable DNS Forgery in 2008.' The blog post has since been pulled, but evidence of it exists on Google and elsewhere. It appears only a matter of time now before the full details leak." Reader Time out contributes a link to coverage on ZDNet as well.

2 of 281 comments (clear)

  1. The push for DNSSec by QuantumG · · Score: 4, Interesting

    Kinda makes you wonder what they're getting out of it.

    --
    How we know is more important than what we know.
    1. Re:The push for DNSSec by 0xygen · · Score: 4, Interesting

      Not to be paranoid, but the argument of "no-one can do this" is often weak in the light of it being governments or intelligence agencies who are trying to mess with your internet access.

      Is he scared of his government?

      Or concerned about what his government may be doing to others in the world?

      The problem is not necessarily on the "some attacker half way across the world on another AS", but may be much closer to home.