Slashdot Mirror

← Back to Stories (view on slashdot.org)

BIND Still Susceptible To DNS Cache Poisoning

Posted by Soulskill on Saturday August 9, 2008 @01:05AM from the still-in-a-bind dept.

An anonymous reader writes "John Markoff of the NYTimes writes about a Russian hacker, Evgeniy Polyakov, who has successfully poisoned the latest, patched BIND with randomized ports. Originally, the randomized ports were never supposed to completely solve the problem, but just make it harder to do. It was thought that with port randomization, it would take roughly a week to get a hit. Using his own exploit code, two desktop computers and a GigE link, Polyakov reduced the time to 10 hours."

1 of 146 comments (clear)

Min score:

Reason:

Sort:

Re:I'm safe, in my ADSL utopia by Tony+Hoyle · 2008-08-09 01:57 · Score: 0, Troll

Compared to ARP spoofing which is much simpler and gains you the entire traffic flow to an IP address? I wouldn't bother with a DNS attack to be honest. Any attack that requires you be on the local network is uninteresting just because there are so many damned ways to do it already.