DNS Flaw Hits More Than Just the Web

gringer writes "Dan Kaminsky presented at the Black Hat conference in Las Vegas on Wednesday, and said that the DNS vulnerability he discovered is much more dangerous than most have appreciated. Besides hijacking web browsers, hackers might attack email services and spam filters, FTP, Rsync, BitTorrent, Telnet, SSH, as well as SSL services. Ultimately it's not a question of which systems can be attacked by exploiting the flaw, but rather which ones cannot. Then again, it could just be hype. For more information, see Kaminsky's power point presentation." Update: 08/07 19:48 GMT by T : There's also an animation of the progress of the patch.

wow

[mevets]

its almost like every service that uses hostnames might be affected.

To everyone on 216.34.181.45

[HungryHobo]

And they called me a fool when I refused to learn website names WHO'S LAUGHING NOW!!

Re:Litmus testing

[DrEldarion]

Wait, we need to know tech to be here? I thought we just had to be libertarian and anti-copyright.

Surprised?

[LaminatorX]

This is why I've maintained a comprehensive /etc/hosts file since 1996. Every now and then it gets to be a bit large, so I periodically print it out and cache it to a shelf full of 3-ring binders.

Gopher

[dj245]

The three of us who still use Gopher are scared to death!

Re:Litmus testing

I doubt that the union of "people who think the web is the Internet" and "people who discover Slashdot and stick around" is more than a handful.

Actually, I imagine the union would be enormous. Perhaps you meant the intersection?

Re:Litmus testing

[Just+Some+Guy]

Nah. Those are just the requirements for upmodding. You can still hang around otherwise, but we might not talk to you.