DNS cache poisoning - is your name server patched?
07.24.08 - 08:15pm
As many of you have probably read, there is a lot of buzz about the recent multi-vendor DNS vulnerability. The details have to do with the weak transaction IDs used by caching name servers: if you can predict the transaction ID of an outstanding query, you can get a forged answer accepted and modify the records held in that cache. Patches for all the major DNS systems are out, and Mozilla's DNS servers have been patched for some time, even though our publicly accessible name servers are not recursive or caching name servers.
While we have done all we can by patching our systems, you should check/yell/complain to your upstream DNS provider and apply pressure to get their servers patched, as they most likely cache name records for you. There are a lot of tools out there to check whether your favorite caching name server is vulnerable - http://www.doxpara.com/ and http://entropy.dns-oarc.net/test/ are two that I have seen used.
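The online checkers linked above work by watching a resolver's outbound queries and judging whether its transaction IDs and UDP source ports look random. The script below is an added illustration of that same check, not code from this post, from Mozilla, or from either test site. It assumes you already have a list of (transaction ID, source port) pairs captured from your resolver's outgoing queries (for example from a packet capture of port 53 traffic); the two samples embedded here are constructed, one drawn from a seeded random generator to stand in for a patched resolver and one with sequential IDs and a fixed port to stand in for an unpatched one.

```python
"""Score a sample of a caching resolver's outbound DNS queries for
transaction-ID and source-port randomisation (defensive audit helper)."""
import math
import random
from collections import Counter
from typing import Dict, List, Sequence, Tuple

Observation = Tuple[int, int]  # (transaction ID, UDP source port)

# Constructed samples standing in for pairs pulled from a packet capture.
_rng = random.Random(2008)
PATCHED_SAMPLE: List[Observation] = [
    (_rng.randrange(0, 1 << 16), _rng.randrange(1024, 1 << 16)) for _ in range(64)
]
# Sequential IDs and a single fixed source port: the pattern the advisory warns about.
UNPATCHED_SAMPLE: List[Observation] = [(1000 + i, 53) for i in range(64)]


def shannon_entropy_bits(values: Sequence[int]) -> float:
    """Empirical Shannon entropy of the observed values, in bits.
    Note it is capped by log2(sample size), so compare against that ceiling."""
    n = len(values)
    if n == 0:
        return 0.0
    counts = Counter(values)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def sequential_fraction(values: Sequence[int], window: int = 8) -> float:
    """Fraction of consecutive observations whose 16-bit difference lies
    within +/-window. Sequential counters score near 1.0; random IDs near 0."""
    if len(values) < 2:
        return 0.0
    close = 0
    for a, b in zip(values, values[1:]):
        delta = (b - a) % (1 << 16)  # wrap-around aware
        if delta <= window or delta >= (1 << 16) - window:
            close += 1
    return close / (len(values) - 1)


def assess(observations: Sequence[Observation],
           max_sequential: float = 0.2,
           entropy_ratio: float = 0.9) -> Dict[str, object]:
    """Return a report on how random the IDs and ports look.
    Distinctness alone is not enough: a counter yields all-distinct IDs yet
    is fully predictable, so the sequential check is applied as well."""
    txids = [t for t, _ in observations]
    ports = [p for _, p in observations]
    n = len(observations)
    ceiling = math.log2(n) if n > 1 else 0.0
    txid_entropy = shannon_entropy_bits(txids)
    port_entropy = shannon_entropy_bits(ports)
    seq = sequential_fraction(txids)
    txid_ok = txid_entropy >= entropy_ratio * ceiling and seq <= max_sequential
    port_ok = port_entropy >= entropy_ratio * ceiling
    return {
        "samples": n,
        "entropy_ceiling_bits": ceiling,
        "txid_entropy_bits": txid_entropy,
        "txid_sequential_fraction": seq,
        "port_entropy_bits": port_entropy,
        "port_distinct": len(set(ports)),
        "txid_randomised": txid_ok,
        "port_randomised": port_ok,
        "verdict": "patched-like" if (txid_ok and port_ok) else "vulnerable-like",
    }


if __name__ == "__main__":
    for name, sample in (("patched", PATCHED_SAMPLE), ("unpatched", UNPATCHED_SAMPLE)):
        report = assess(sample)
        print(f"{name}: verdict={report['verdict']} "
              f"txid_entropy={report['txid_entropy_bits']:.2f}/{report['entropy_ceiling_bits']:.2f} "
              f"sequential={report['txid_sequential_fraction']:.2f} "
              f"port_distinct={report['port_distinct']}")
```

A sample of a few dozen queries is enough to catch the gross failures (a counter, or a single source port), which is what matters for this advisory; the entropy figure is bounded by the sample size, so it is reported next to its ceiling rather than against the theoretical 16 bits.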