Digging Deeper: Dan Kaminsky’s DNS Flaw
John Tyra | August 7th, 2008The DNS flaw problem has been floating around in the news for months now, but has been kept ’secret’ while Dan Kaminsky has been working with vendors to develop a fix. Many articles have been posted on this; we’re using one from ChannelWeb and from Network World. Kaminsky, directory of ISActive, is the individual who found this DNS flaw which he presented at the Black Hat conference yesterday (8/6/08). I haven’t been following this too closely, since the details have been kept under wraps for so long, but yesterday’s presentation got my attention. Chew on this:
“The question is not how many things can you break with DNS, but how many things can’t you break,” Kaminsky said. “We’re barely keeping hold of the secrets of why it’s so important to patch.”
There is, quite literally, a grocery list of items affected when your DNS has been compromised:
- Taking over .com/.net/.org domains
- Sniffing emails
- Modification/infection of emails to/from sender or receiver
- IPSec VPN redirection
- SSL certification
- Auto software updates
- Spam filters
- Etc
If you’d like to check your DNS server, or the DNS server you’re using, check out Kaminsky’s site:
However, at the moment of this posting, his site is ‘down’ which is probably due to the flood of hits from people checking their DNS.
