DNS Flaw Used To Poison Chinese ISP's Server

Discussion in 'other security issues & news' started by JRViejo, Aug 23, 2008.

Thread Status:
Not open for further replies.
  1. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,980
    Location:
    U.S.A.
    InformationWeek News
     
  2. Bensec

    Bensec Registered Member

    Joined:
    Aug 4, 2008
    Posts:
    177
    Location:
    China Changsha
    CNC is also my ISP.
    I don't like them, they promote popup ads through DNS hijacks last year.
    CNC sucks for these dirty hands. but i should say their network quality here is just OK.
     
  3. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Possible cure: Just type the IP numbers, don´t type www.
     
  4. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Or don't make your customers jump through hoops to avoid a flaw that's been known long enough now to be patched up and patch your servers already.
     
  5. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,980
    Location:
    U.S.A.
    There lies the rub. If the Chinese are using pirated software, there's no way to patch them and even if one could, current patches are undoing the source port randomization needed to prevent a cache-poisoning attack against the DNS server.

    Firewall vendors scramble to fix problem with DNS patch.
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,802
    Location:
    Texas
    A few off topic posts removed. Please stay focused on the thread topic when posting.
     
  7. Bensec

    Bensec Registered Member

    Joined:
    Aug 4, 2008
    Posts:
    177
    Location:
    China Changsha
    you wont do that, will you?
    at least I would not bother to remember the ip code for all my favorite sites.
    The best way out ,I think, is to switch to Open DNS.
    =)once and for all!
     
    Last edited: Sep 1, 2008
Loading...
Thread Status:
Not open for further replies.