Massive, coordinated DNS patch released

Discussion in 'other security issues & news' started by ronjor, Jul 8, 2008.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    More.....
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    Researcher offers insight into DNS flaw
    More
     
  3. axial

    axial Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    477
    On the NetworkWorld article about the issue there's a link to Kaminsky's page with a DNS checker, would both links be appropriate to post here?
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    That will be okay.
     
  5. axial

    axial Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    477
  6. tlu

    tlu Guest

  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    8,026
    Location:
    The Netherlands
    You know what I don´t understand? Why did it needed to be patched on client PC´s? I´m talking about the fix that screwed up ZoneAlarm. I mean you would think that only the DNS servers needed patching, can ayone explain?
     
  8. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    The problem is in the DNS server not client so it is not related to ZA on your system.
     
  9. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    From what i have read about the flaw OpenDNS is not affected,good reason to install it. http://www.opendns.com/
     
  10. tlu

    tlu Guest

    That's not quite correct - see, e.g., the example here or here. As a matter of fact the client libraries of Windows and all Linux and BSD distributions have been patched in the meanwhile - but NOT Apple! Their client libraries still aren't patched, i.e., they haven't implemented randomization of the query ID and the source port yet.
     
    Last edited by a moderator: Aug 4, 2008
Loading...
Thread Status:
Not open for further replies.