Slashdot Mirror


Attack Code Published For DNS Vulnerability

get_Rootin writes "That didn't take long. ZDNet is reporting that HD Moore has released exploit code for Dan Kaminsky's DNS cache poisioning vulnerability into the point-and-click Metasploit attack tool. From the article: 'This exploit caches a single malicious host entry into the target nameserver. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache.' Here's our previous Slashdot coverage."

6 of 205 comments (clear)

  1. Google by bdasd5 · · Score: 5, Funny

    And here I am, thinking I was on Google.

  2. The Book Of Internets, Chapter Three, Verse Twelve by Aussenseiter · · Score: 5, Funny

    And lo, all unpatched websites were rendered unto Goatse.

  3. I know by Daimanta · · Score: 4, Funny

    I exploited this and let a huge cache of people visit my site(127.0.0.1) in stead of the site they wanted to go. It was kickass.

    --
    Knowledge is power. Knowledge shared is power lost.
    1. Re:I know by Anpheus · · Score: 4, Funny

      Don't worry, I just disabled his intern

      [CARRIER LOST]

  4. Re:Here we go... by Vectronic · · Score: 4, Funny

    "And I can hear just about any song I ever would want to hear in less than a minute."

    Shit, you should check out some of the songs that are longer than a minute, there's some good ones out there, but, yes...those quick little punk ditties are good too.

  5. Re:Here we go... by MadMidnightBomber · · Score: 4, Funny
    Can someone please send me the HOSTS file for the Internet?

    kthxbye

    --
    "It doesn't cost enough, and it makes too much sense."