Massive, coordinated DNS patch released

Discussion in 'other security issues & news' started by ronjor, Jul 8, 2008.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    65,825
    Location:
    Texas
    More.....
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    65,825
    Location:
    Texas
    Researcher offers insight into DNS flaw
    More
     
  3. axial

    axial Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    477
    On the NetworkWorld article about the issue there's a link to Kaminsky's page with a DNS checker, would both links be appropriate to post here?
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    65,825
    Location:
    Texas
    That will be okay.
     
  5. axial

    axial Registered Member

    Joined:
    Jun 27, 2007
    Posts:
    477
  6. tlu

    tlu Guest

  7. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    10,855
    Location:
    The Netherlands
    You know what I don´t understand? Why did it needed to be patched on client PC´s? I´m talking about the fix that screwed up ZoneAlarm. I mean you would think that only the DNS servers needed patching, can ayone explain?
     
  8. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    The problem is in the DNS server not client so it is not related to ZA on your system.
     
  9. Huupi

    Huupi Registered Member

    Joined:
    Sep 2, 2006
    Posts:
    2,024
    From what i have read about the flaw OpenDNS is not affected,good reason to install it. http://www.opendns.com/
     
  10. tlu

    tlu Guest

    That's not quite correct - see, e.g., the example here or here. As a matter of fact the client libraries of Windows and all Linux and BSD distributions have been patched in the meanwhile - but NOT Apple! Their client libraries still aren't patched, i.e., they haven't implemented randomization of the query ID and the source port yet.
     
    Last edited by a moderator: Aug 4, 2008
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.