|
|
|
|||||
Archive:
| |||||
Kaminsky, who spoke on Wednesday at the Black Hat hacker conference in Las Vegas, has given few details publicly about the vulnerability he found in the Domain Name System (DNS), a network of servers used to connect computers to websites ... His presentation instantly became one of the Black Hat conference's most anticipated after he announced on July 8 that he'd found a major weakness in DNS, a critical part of the internet's plumbing ... One of those was the susceptibility of many email... (The Age, Australia -- Technology)
The Terminators Bionic Eye Becomes Reality Aug 9, 2008
The recent discovery of a DNS vulnerability that would allow the exploitation of any website on the Internet has been the subject of Dan Kaminskys speech at the Black Hat conference held in Las. Transmeta has signed a non-exclusive licensing agreement with NVIDIA Corp. for its LongRun and LongRun2 computing technologies. (eFluxMedia)
Net bug worse than feared Aug 8, 2008
He said fixes for the flaw in the net's Domain Name System (DNS) had focused on web browsers but it could be abused by hackers in many other ways ... The DNS acts as the internet's address books and helps computers translate the website names people prefer (such as bbc ... Mr Kaminsky discovered a way for malicious hackers to hijack DNS and re-direct people to fake pages even if they typed in the correct address for a website. (BBC News -- Americas)
Domain Name System: Friend or Foe? Aug 8, 2008
Online, the ongoing DNS debacle has shaken some faith in what we've relied on for so long. ... In simple terms, he found a way that could allow malicious individuals or groups to blast away DNS responses to affected software for a site's subdomain and get their version of IP addresses to stick for any particular requested DNS query on that domain ... An example of a large threat would be for online banking services, which could have their IP addresses silently changed on an affected ISP's DNS... (eSecurityPlanet)
Kaminsky Reveals Details of Critical DNS Flaw Aug 8, 2008
Kaminsky first stepped into the public eye months ago with a discovery of the fundamental flaw in the DNS protocol, which provides a back and forth "conversation" between host URLs to addresses. If the attacker is able to determine certain crucial request functions, like source and the ID, he or she could then send a phony response that is cached by the DNS server ... Kaminsky had initially requested for members of the security research community to uphold a proposed "discussion blackout" on... (CRN)
Internet's Major Security Problem Also Affects E-Mail Aug 8, 2008
Kaminsky, who spoke Wednesday at the Black Hat hacker conference in Las Vegas, has given few details publicly about the vulnerability he found in the Domain Name System, or DNS, a network of servers used to connect computers to Web sites ... His presentation instantly became one of the Black Hat conference's most anticipated after he announced July 8 that he'd found a major weakness in DNS, a critical part of the Internet's plumbing ... One of those was the susceptibility of many e-mail servers... (Fox News)
Parallels Server for Mac underwhelms Aug 8, 2008
Technology ess Daily. Inexplicably poor support for Mac OS X Server as a guest tops a list of shortcomings that makes Parallels' much-anticipated server virtualization platform a very mixed bag. (InfoWorld)
Samsung, Microsoft in talks to speed up SSDs on Vista Aug 8, 2008
Technology ess Daily. Vista has been optimized to handle hard-drive data in smaller chunks, resulting in inefficient SSD performance when slotted into a disk drive bay. (InfoWorld)
Google Apps hit by prolonged Gmail access problem Aug 8, 2008
Technology ess Daily. Subscribers to the Google Apps hosted software suite were among the users locked out of their accounts for about 15 hours. (InfoWorld)
Put new life into Windows XP Aug 8, 2008
Technology ess Daily. If XP is feeling sluggish or looks and acts outdated, try these tips to give XP a little extra spit and polish. (InfoWorld)
SQL Server 2008's future 'cloudy' Aug 8, 2008
Technology ess Daily. SQL Server 2008's future 'cloudy. (InfoWorld)
Hands on: HP's Mini-Note netbook Aug 8, 2008
Technology ess Daily. Hands on with HP's Mini-Note netbook. (InfoWorld)
RELATED: Officials, nerds ogle security researcher Kaminsky Aug 8, 2008
His talk, "DNS Goodness," detailed origins of the bug, its scope, and how it is being countered ... The underlying flaw is in the Domain Name System (DNS), a network of millions of computer servers that translate words typed into Web browsers into numerical codes that PCs can understand ... DNS attacks aren't new. (USA Today -- Tech)
Kaminsky Details DNS Flaw at Black Hat Talk Aug 7, 2008
The data comes from a talk presented here at the Black Hat security conference in Las Vegas by Dan Kaminsky, the Seattle based IOActive researcher who discovered a fairly trivial way that bad guys could corrupt records found in the domain name system (DNS) and fill them with inaccurate information. On July 8, Microsoft, Cisco, Sun Microsystems and dozens of other Internet companies to fix this fundamental design in DNS, the communications standard that acts as a kind of phone book for the... (Washington Post)
Huge Internet Security Hole Slowly Being Fixed Aug 7, 2008
The underlying flaw is in the Domain Name System (DNS), a network of millions of servers that translate words typed into Web browsers into numerical codes that computers can understand. Getting from one place to another on the Internet typically requires a trip through several DNS servers, including some that accept incoming data and store parts of it ... com and head straight to the real Yahoo site, while at the same moment, a user in New York whose traffic is routed through different DNS... (Fox News)
I-Team: Computer Expert Seeks to Make Internet Safe Aug 7, 2008
"DNS -- The Domain Name System," he said. It works like this. (KLAS-TV.com, NV)
Electronic Privacy Information Center: Privacy Aug 6, 2008
The Domain Name System (DNS) is a distributed hierarchical system used by servers that use the Internet Protocol (IP)to convert IP addresses (such as 85. 135. (Yahoo News -- Online Privacy)
Core problem Aug 6, 2008
While many vendors patched their DNS software weeks ago and a growing number of ISPs have updated their systems to the latest version, Apple did not offer an update until last week ... It is rather ironic that one of the attacks being developed to take advantage of the DNS flaw subverts automatic updating of software, so we Mac users might be tricked into downloading malicious software because we assume it's just another unexpected update pushed at us by Apple. (BBC News -- Technology)
Apple misses mark on DNS patch Aug 5, 2008
Apple has failed to fully patch a DNS vulnerability, say researchers ... Security researchers are claiming that Apple has failed to fully patch the high profile DNS cache poisoning error ... The so-called Kaminsky flaw (named for its discoverer, Dan Kaminsky,) has sent vendors scrambling to patch what is said to be a fundamental vulnerability in the DNS system. (VNUNet.com)
Firewall vendors scramble to fix DNS problem Aug 5, 2008 Top 10 stories of the week Aug 3, 2008 Apple DNS Security Patch Flawed, Leaves Users At Risk Aug 2, 2008 IBM X-Force report critical of independent security researchers Aug 2, 2008 Apple finally patches DNS flaw Aug 2, 2008 Child porn filters to cut Aussie broadband speeds Aug 2, 2008 About The Internet DNS Flaw Aug 1, 2008 Major Web Flaw Puts Personal Info At Risk Aug 1, 2008 DNS patches cause problems Jul 31, 2008 AT&T first reported victim of DNS attack HD Moore was NOT Pwned Jul 31, 2008 DNS flaw handling leaves Kaminsky pleased Jul 30, 2008 Security experts knock Apple for not patching DNS bug Jul 29, 2008 DNS exploit code released by Metasploit founder Jul 29, 2008 Secret fix addresses flaw on Net Jul 28, 2008 Windows Mojave Launches! Jul 28, 2008 Update: Security Expert, Hacker, Launch DNS Attack Code Jul 27, 2008 Attacks begin on net address flaw Jul 26, 2008 Companies and ISPs still not patched against Kaminsky DNS ... Jul 26, 2008 All about face Jul 26, 2008 Gateway to Stop Selling PCs Through Web Site Jul 26, 2008 Mossberg Pans MobileMe: Did Apple Screw Up? Jul 26, 2008 Hackers get hold of critical Internet flaw... Jul 25, 2008 Fugitive Spam King Dead in Apparent Murder-suicide Jul 25, 2008 BakBone Gets Into Recovery Jul 25, 2008 Attack Code Released for New DNS Attack Jul 24, 2008 Microsoft's Online Woes Hint at Larger Vulnerability Jul 24, 2008 Attack code imminent for DNS flaw Jul 24, 2008 NBN bigger than Snowy Mountains Scheme, says Govt Jul 24, 2008 With DNS Flaw Now Public, Attack Code Imminent Jul 23, 2008 MySpace Eases Data Portability Policies, Adopts OpenID Jul 23, 2008 Details of DNS flaw posted Jul 23, 2008 Reviews: Cloud versus cloud Jul 23, 2008 Who's Really at Risk From the DNS Flaw? Jul 22, 2008 DNS Flaw Details Leaked Accidentally Jul 22, 2008 Installing the MySQL database server securely: Jul 21, 2008 Internet addresses are limited Jul 21, 2008 The Story Behind San Francisco's Rogue Network Admin Jul 20, 2008 Hackable Broadband Left Unpatched Jul 19, 2008 DNSstuff Releases Freeware to Detect Vulnerable DNS Servers Jul 18, 2008 RIM Warns BlackBerry Admins of BES Security Flaw Jul 18, 2008 Net scare sparks loophole fears Jul 17, 2008 Industry moves as one to patch massive Internet security hole Jul 16, 2008 Vendors rally to repair dangerous DNS flaw Jul 15, 2008 Transcript: Security Bites 107: Dan Kaminsky Jul 15, 2008 Electronic Privacy Information Center: Privacy Jul 14, 2008 Is DNSSEC the Answer to Internet Security? Jul 14, 2008 Nominum's Software Update Protects Networks From New DNS Security Vulnerability Jul 13, 2008 An 'Important' Patch Tuesday Jul 13, 2008 Viacom wins victoryover privacy Jul 13, 2008 How to rebuild the SYSVOL tree when none exists in Active Directory: Jul 13, 2008 Critical flaw rocks the internet Jul 13, 2008 Microsoft issues DNS, SQL Server updates Jul 13, 2008 Fix found for net security flaw Jul 13, 2008 Net address fix foxes web users Jul 13, 2008 Internet Bug Fix Spawns Backlash From Hackers Jul 13, 2008 ZoneAlarm Issues Fix For Problems Caused By Microsoft DNS Patch Jul 13, 2008 Boosting iPhone 3G signal strength Jul 13, 2008 Top 10 stories of the week Jul 13, 2008 Security Community Cooperates To Fix 'DNS Poisoning' Jul 13, 2008 MORE: Read the entire blog Jul 13, 2008 Computer hackers: Internet flaw sparks biggest security fix in web ... Jul 13, 2008 One Subpoena Is All It Takes to Reveal Your Online Life Jul 8, 2008 Icann Blames June Site Hijack on Registrar Jul 8, 2008 Watch out! Webs doomsday clock is ticking Jul 6, 2008 7/3: DNSChan-B Trojan Modifies DNS Setting Jul 4, 2008
Some firewall software undoes a feature that was introduced in the DNS patches and could make it easier for attackers to pull off a cache-poisoning attack against the DNS server ... The DNS flaw affects server software made by many vendors, including Microsoft, Cisco Systems, and the Internet Systems Consortium ... Some firewall software undoes a source port randomization feature that was introduced in the DNS patches. (InfoWorld)
Technology - DNS secret fix: The story continues Aug 4, 2008
But the first exploit has already appeared, and many of the Internet s DNS servers still run the problem software and are vulnerable ... But because of the software flaws, it s possible for hackers to poison the data records in a DNS server and have the server invisibly redirect a user to another Web site, one that is fake but appears to be the correct one, Internet address and all ... Security researcher Dan Kaminsky, who discovered the DNS flaw earlier in the spring - and who organized the... (Missoulian, MT)
This week's roundup of the top tech news stories includes patching the DNS flaw, the rogue SF admin, Microsoft's post-Windows OS, and more ... Patches for the DNS vulnerability that has generated so much buzz have led to performance problems for servers running BIND (Berkeley Internet Name Domain) software ... BIND is the most popular DNS software. (InfoWorld)
Aug. 02, 2008 Apple finally rolled out a software update to fix the much-heralded Name System (DNS) security flaw, but it seems the celebration may have been premature ... However, several security researchers Friday said Apple's DNS doesn't actually fix the problem and that Mac users are still at risk ... "Did Apple forget to patch something? By the look of things, the DNS client on the OSX 10.4.11 distribution still has not been patched," said security researcher Andrew Storms, director of... (CRN)
A number of security researchers took issue with ISS's conclusions about vulnerability research and disclosure, saying that, especially in the case of the DNS vulnerability, there was little else that could have been done to help protect users ... " SearchSecurity radio: "It created a situation where eventually the security community put customers more at risk by the speculation and flooding of more information, which followed with exploitation code," Lamb said. Internet Security Systems Inc.... (Search Security, MA)
Apple finally patches dangerous DNS flaw. Other vendors, including Cisco and Microsoft, had patches ready when the existence of the DNS flaw was disclosed on July 8 ... On Friday, Apple posted a saying that the patch will fix Apple's implementation of the Berkeley Internet Name Domain (BIND) DNS server in Mac OS X v10. (InfoWorld)
"I have a number of concerns with this.Firstly, to say the performance difference will not be "noticeable" is assuming every user of the internet is doing basic things like reading emails with a high speed broadband connection. What about businesses who backup offsite over a tunnel or users who depend on as much bandwidth as possible for various things. If you add 20 percent to the time it takes to do these tasks, it could cause all sorts of problems. There's also the poor Australians without... (iT News)
Its actually a problem with the software behind just about all domain name servers - DNS for short ... Instead we rely on the DNS servers to look them up for us ... But on July 8, security researcher Dan Kaminsky found a flaw in the software used on most DNS servers that make it possible for a hacker to re-direct a DNS. If exploited, that flaw would allow a criminal to re-direct people to the wrong site. (CBS News)
Computer Security Experts Hustle to Protect DNS Servers from Hackers ... Discovered by Dan Kaminsky, a computer security consultant for IOActive, the flaw allows hackers to penetrate the Internet's Domain Name Servers (DNS), a network of servers that acts as the yellow pages of the Internet ... DNS works like this: When you type BankofAmerica. (ABC News)
Patches released earlier this month to quash a critical bug in the DNS have slowed servers running BIND, the Internet's most popular DNS software, and crippled some systems versions of ... "Given the limited time frame and associated risks we chose to finish the patches ASAP and accelerate our work on the next point releases that would address the high-volume server performance concerns. "Our immediate goal was to make patches publicly available as soon as possible," Vixie explained. Vixie... (InfoWorld)
ATt reported victim of DNS attack HD Moore was NOT Pwned - Security. ATt reported victim of DNS attack HD Moore was NOT Pwned ... The irony that HD Moore is at the center of this recent news is not lost on anyone familiar with the security sector of IT. However, the larger issue is that the attack noticed by BreakingPoint was not on their network, but a DNS server on AT&Ts network, making the ISP the first to fall victim to the DNS vulnerability discovered by Dan Kaminsky. (The Tech Herald)
Dan Kaminsky, the security researcher who discovered the DNS cache poisoning flaw, said he made his discovery while trying to speed up content distribution on the Web. Kaminsky, director of penetration testing at IOActive Inc., said he was conducting research on how to use DNS to speed up distribution times by finding the fastest server ... Kaminsky said he knew immediately that he discovered a bad issue because the flaw was affecting the way DNS works, not the way it is implemented. (Search Security, MA)
July 28, 2008 (Computerworld) has not yet patched a critical Domain Name System (DNS) bug in its Mac , analysts and security researchers noted today as some criticized the company for dragging its feet ... Apple, which integrates considerable open-source code into its operating systems, relies on BIND (Berkeley Internet Name Domain), created by the , for its DNS components ... According to , the researcher who uncovered the DNS flaw in February and helped coordinate a multivendor patch effort,... (Computerworld)
Metasploit Project founder H.D. Moore released the exploit for the recent DNS cache-poisoning vulnerability via his Metasploit Framework ... Security researcher Dan Kaminsky announced the July 8 when DNS vendors rallied to conduct a massive coordinated patch release ... A successful DNS attack could happen in seconds. (Search Security, MA)
Just a few weeks ago, it was believed that much of the information about the DNS flaw and fixes might not be revealed for some time, as the researchers knew the details could possibly tip off black hat hackers to vulnerabilities ... By then, the DNS system would be mostly secure, and even if hackers figured out how to exploit the vulnerability, it wouldn't be there anymore ... The DNS flaw if exploited by hackers would let them fool users into thinking they were at a genuine Web site. (Missoulian, MT)
50+ On-demand DNS and network. Windows into Silicon Valley. (NetworkWorld.com)
HD Moore, the creator of the Metasploit penetration testing framework, and a hacker who goes by the alias "I)ruid" have launched attack code exploiting the DNS flaw made public earlier this month by Dan Kaminsky, director of penetration testing at Seattle-based IOActive Inc. ... The exploit will allegedly never be able to run on Windows, which means attackers or testers will need to use on of the above platforms to launch a DNS attack ... The vulnerabilities in the Domain Name System (DNS)... (eFluxMedia)
"We are in a lot of trouble," said security guru Dan Kaminsky who found the flaw in the net's Domain Name System (DNS) in March 2008 ... The DNS acts as the net's address system and helps computers translate the website names people use, such as bbc. (BBC News)
Companies and ISPs still not patched against Kaminsky DNS vulnerability - Security. Companies and ISPs still not patched against Kaminsky DNS vulnerability ... Kaminsky's discovery of DNS flaws is the biggest security story of the month, and it will likely see even more coverage now that, and both concept and exploit code are also available. (The Tech Herald)
The details of the DNS bug have now made their way into the public arena, opening the flood gates for hackers seeking an easy exploit ... The flaw can be exploited to launch DNS cache poisoning attacks, which essentially cause Internet servers and ISPs to accept false information. (Asia Times Online)
- July 23, 2008 10:33 AM If you even suspect you have a DNS nameserver running in your company, it's critical you patch it immediately. - July 24, 2008 3:25 PM The latest beta of Yahoo's hybrid e-mail client enables offline access to Web-based and traditional messaging systems. (PC World)
50+ On-demand DNS and network. Nearpoints. (NetworkWorld.com, MA)
"We are in a lot of trouble," said IOActive security specialist Dan Kaminsky, who stumbled upon the Domain Name System (DNS) vulnerability about six months ago and reached out to industry giants to collaborate on a solution ... DNS is used by every computer that links to the Internet and works similar to a telephone system routing calls to proper numbers, in this case the online numerical addresses of websites. (The Drudge Report)
- July 23, 2008 10:33 AM If you even suspect you have a DNS nameserver running in your company, it's critical you patch it immediately ... DNS servers are one of the most critical, yet vulnerable, network infrastructure applications. (PC World)
Enterprise Strategy Group analyst Lauren Whitehouse called the offering " for Windows servers and applications saving data continuously, which reduces the amount of data that could be lost between disruption and recovery. If there is an interruption, an IT administrator can fail over to the secondary copy. Real-Time serves up the application and data rapidly to minimize downtime. "It's a nice complement to batch backup strategies, especially for organizations that have tiers of applications that... (EnterpriseStorageForum)
Hackers have released software that exploits a recently disclosed flaw in the Domain Name System (DNS) software used to route messages between computers on the Internet ... Internet security experts warn that this code may give criminals a way to launch virtually undetectable phishing attacks against Internet users whose service providers have not installed the latest DNS server patches ... Kaminsky had worked for several months with major providers of DNS software such as Microsoft, Cisco and... (PC World)
- July 23, 2008 10:33 AM If you even suspect you have a DNS nameserver running in your company, it's critical you patch it immediately. - July 23, 2008 4:21 PM A new open source project is develoing a new micro-kernel database based on MySQL, targeted at large-scale Web applications. (PC World)
Hackers say they should have attack code for the DNS bug within days; attackers could redirect a company's customers to malicious Web sites without their knowledge ... One day after a security company accidentally posted details of a serious flaw in the Internet's Domain Name System (DNS), hackers are saying that software that exploits this flaw is sure to pop up soon ... And that's bad news, according to Paul Vixie, president of the company that is the dominant maker of DNS software, the... (InfoWorld)
Two weeks of silence helped, says researcher who found critical flaw The researcher whose speculation led to an early disclosure of information about a critical flaw in the Domain Name System (DNS), the Internet's traffic cop, wasn't the first to come close to the truth, said the security expert who found the bug and organized a massive patching effort. 24 July, 2008 14:27:59. (CIO Australia)
One day after a security company accidentally posted details of a serious flaw in the Internet's Domain Name System (DNS), hackers are saying that software that exploits this flaw is sure to pop up soon ... And that's bad news, according to Paul Vixie, president of the company that is the dominant maker of DNS software, the Internet Systems Consortium ... The attack can be used to redirect victims to malicious servers on the Internet by targeting the DNS servers that serve as signposts for all... (PC World)
- July 22, 2008 Hackers say that they will soon develop attack code that exploits a recently published, critical DNS bug. Latest Expert Blogs. (PC World)
Blog discusses the technical details of an Internet bug that attackers could use to launch a DNS cache poisoning attack ... A computer security company on Monday inadvertently published details of a major flaw in the Internet's DNS several weeks before they were due to be disclosed ... The companies released a fix for the bug two weeks ago and encouraged corporate users and Internet service providers to patch their DNS systems as soon as possible. (InfoWorld)
Load balancing, DNS, 500GB of storage, and incoming data transfers are free. Outbound data transfers cost 25 cents per gigabyte. (InfoWorld)
Who's Really at Risk From the DNS Flaw ... Who's Really at Risk From the DNS Flaw ... With DNS so vital to the operation of the Internet, security threats to it need to be taken seriously. (eSecurityPlanet)
Details of the Domain Name System (DNS) flaw uncovered by security researcher Dan Kaminsky have found their way into the public arena ... Earlier today, a security researcher posted their hypothesis regarding Dan Kaminskys DNS finding," he wrote. "Shortly afterwards, when the story began getting traction, a post appeared on our blog about that hypothesis ... The flaw, which can be exploited to launch DNS cache poisoning attacks against DNS servers, was discovered by Kaminsky several months ago... (eWeek)
He is also the author of Hardening Linux, which focuses on hardening Linux hosts including the base operating system, file systems, firewalling, connections, logging, testing your security and securing a number of common applications including e-mail, FTP and DNS.. James has previously worked as an Executive Manager of IT Security at the Commonwealth Bank of Australia, the CIO of a medical research foundation doing Web-based clinical trials, managing the architecture group of an outsourcing... (Search Enterprise Linux)
(The DNS system - kind of like a phone book for the Internet - handles the translation of the user-friendly alphabetical addresses into not user-friendly but machine-friendly IP numbers). The current IP version 4 - called IPv4 - is forecast to run out of address space soon - as early as 2011, some say. (Missoulian, MT)
PC World - Business Center: The Story Behind San Francisco's Rogue Network Admin. Smart Technology for Smart Companies Topics. (PC World)
As of Thursday, Internet providers including AT (nyse: - - ), Time Warner Cable (nyse: - - ), Cablevision (nyse: - - ) and EarthLink (nasdaq: - - ) had yet to install the software patch that would protect their customers from a cybercriminal exploit known as Domain Name System (DNS) Cache Poisoning, according to the findings of a Web-based analysis tool created by Dan Kaminsky, the security researcher who originally found the bug. The security flaw, found in the DNS servers used by large... (Forbes -- Technology)
DNSstuff Freeware Detects Vulnerable DNS Servers ... DNSstuff Freeware Detects Vulnerable DNS Servers ... DNSstuff Freeware Detects Vulnerable DNS Servers. (eWeek)
- July 17, 2008 11:58 AM Here's a quick test to see if your company's DNS servers, which guide all Internet traffic, are at risk from a major flaw disclosed last week. Featured Resources. (PC World)
"It is important to note that without changes to the DNS (domain name system) protocol these mitigations cannot completely prevent cache poisoning," the agency says on its website ... The flaw exploits how the internet's address mechanism, known as the domain name system (DNS), works ... DNS allows people to visit websites by typing in words - such as google. (Sydney Morning Herald -- Technology)
This might have been the work of science fiction until this weeks announcement of a major design flaw in the Domain Name System (DNS) that runs the internet, writes Stewart Twynhamt ... com - and thats where the DNS or Domain Name System comes in ... So DNS servers are spread around the world, acting like phone books for your local area. (Accounting Web, UK)
A dangerous error in the core element of how the Internet runs was patched in a coordinated release of updates issued by the vendors that sell Domain Name System (DNS) servers ... in the way the DNS server handles Internet traffic ... DNS servers are very old and stable software components but they interact with routers and other company systems, he said. (Search Security, MA)
Me: You mentioned that you didn't expect to discover this particular vulnerability, the DNS vulnerability ... And it's the same for Web browsers and it's for Office clients and it is for DNS servers, everything has capabilities, everything has more capabilities than they were originally designed to have ... I know I wasn't to going to ask directly about the DNS thing, but you discovered it say early in the year and then you had a meeting with the vendors and then you arrived at a date where... (CNET News)
The Domain Name System (DNS) is a distributed hierarchical system used by servers that use the Internet Protocol (IP)to convert IP adresses (such as 85. 135. (Yahoo News -- Online Privacy)
InternetNews Realtime IT News - Is DNSSEC the Answer to Internet Security ... Is DNSSEC the Answer to Internet Security ... The technology to secure the DNS system has been around for four years, yet many servers don t use it. (SmallBusinessComputing)
July 9 /PRNewswire/ -- Nominum, the leading provider of network naming and addressing technologies, announced that latest versions of it's Caching Name Server and Vantio Base Server software meet and exceed the tightened DNS security measures required to address a new DNS security threat announced by the United States Computer Emergency Readiness Team (US-CERT) Vulnerability notice number 800113 on July 8th, 2008. (Logo: ) Nominum's expertise with DNS and its vantage point in more than 100... (PR Newswire)
MS08-037 fixes two problems in the Windows Domain Name System (DNS) that might allow a remote attacker to redirect network traffic to their own systems instead ... "The two DNS vulnerabilities are very serious because there is potential to poison both the DNS Server and Client. If an attacker poisons the cache of a client by spoofing a response, it only affects a single computer, but if they poison the DNS Server, they could potentially provide spoofed responses to all clients utilizing that... (eSecurityPlanet)
The fundamental fault in the Internet addressing system known as DNS would allow cyber-crooks to redirect web surfers to another page even if they typed in the correct address. Phishing scams and personal information theft would escalate as people would have been redirected to fake banking sites without their knowledge. (Asia Times Online)
It seems that AD replication was working and DNS was healthy, but FRS was not. No SYSVOL or Netlogon share, no SYSVOL tree on the second domain controller. (SearchWindows2000.com)
Security researcher Dan Kaminsky of IOActive stumbled upon the Domain Name System (DNS) vulnerability about six months ago and reached out to industry giants including Microsoft, Sun and Cisco to collaborate on a solution. DNS is used by every computer that links to the Internet and works similar to a telephone system routing calls to proper numbers, in this case the online numerical addresses of websites ... Kaminsky built a web page, , where people can find out whether their computers have the... (Sydney Morning Herald -- Technology)
The update also introduces a new default for DNS port settings for Windows Server 2000 and Windows Server 2003 ... The update also introduces a new default for DNS port settings for Windows Server 2000 and Windows Server 2003. (Search Security, MA)
Mr Kaminsky discovered the error in the workings of the Domain Name System (DNS) about six months ago. DNS is used to convert web addresses written in words - such as www. (BBC News -- Technology)
The flaw in the net's Domain Name System (DNS) was discovered in March 2008 and since then many firms have been preparing patches and updates to ensure it cannot be exploited by hi-tech criminals. On Tuesday Microsoft released its patch for DNS as part of its regular security update cycle. (BBC News -- Technology)
Kaminsky made headlines on Tuesday by talking about a major flaw in the DNS (Domain Name System), used to connect computers to each other on the Internet. In late March he grouped together 16 companies that make DNS software -- companies like Microsoft, Cisco and Sun Microsystems -- and talked them into fixing the problem and jointly releasing patches for it ... The appears to be a serious one that could be exploited in what's called a "cache poisoning attack." These attacks hack the DNS system,... (PC World)
Through a DNS attack, a can redirect Internet users' page requests to sites or other malicious pages. Various reports suggest that ZoneAlarm interpreted the Microsoft patch itself as malicious code, and automatically severed users' Internet connections in response. (InformationWeek)
This will cause your iPhone to restart, and will delete any stored Wi-Fi passwords as well as DNS settings and more. It can resolve signal strength issues in some cases. (CNET News)
Top 10: iPhone 3G, DNS flaw, Microsoft's cloud. This week's roundup of the top 10 tech news stories includes the release of the iPhone 3G, a controversial DNS flaw, Microsoft's cloud computing strategy, and more ... But there was other news as well, including warnings that a DNS vulnerability really is serious and the ouster by VMware's board of cofounder and CEO Diane Greene. (InfoWorld)
Security Community Cooperates To Fix 'DNS Poisoning' -- Internet Security -- InformationWeek ... Security Community Cooperates To Fix 'DNS Poisoning ... Armed with knowledge of DNS transaction IDs, an attacker could reroute requests for certain Web sites to Web sites of his or her choosing or hijack e-mail. (InformationWeek)
The flaw has to do with the , or DNS, that is the Internets address book. The DNS enables you to connect with other online computers and Web sites ... Kaminsky found a glitch in the DNS by which an attacker could easily take over portions of the Internet and redirect users to malicious locations. (USA Today -- Tech)
"It is important to note that without changes to the DNS [domain name system] protocol these mitigations cannot completely prevent cache poisoning," said the agency on its website. Kaminsky said he would reveal more details about the problem at a computer security conference next month. (guardian.co.uk)
There are services like dynamic DNS which allow users like myself the guise of having a static IP, however the actual IP that they point to would vary. Sorry to nitpick, but it s important to fact-check before you post. (New York Times)
Through its IANA subsidiary organization, ICANN manages the DNS root zone and assigns the DNS operators for the Internet's top-level domains, such as ... DNS, which translates the domains and URLs such as into IP addresses, is a critical component of the Web's traffic-guiding infrastructure ... "The DNS redirect was a result of an attack on ICANN's registrar's systems," said ICANN. "A full, confidential, security report from that registrar has since been provided to ICANN with respect to this... (New York Times)
com into your browser, the browser sends a query off to a big telephone book in the sky and asks "Hey, what's the IP address for google.com?" This big telephone book, more commonly called a "Domain Name Server" or DNS for short, returns 216. 239. (Sify)
Troj/DNSChan-B Trojan includes functionality to modify the DNS setting, access the internet and communicate with a remote server via HTTP.. When first run Troj/DNSChan-B copies itself to (System)\(random filename) ... The following registry entries are created to run Troj/DNSChan-B on startup. (eSecurityPlanet)
Back to Networking News
©1998-2008 SurfWax, Inc.
All rights reserved. Patents pending.
Copyright SurfWax, Inc. 2008 |