Domain Name System: Friend or Foe? Aug 8, 2008
Online, the ongoing DNS debacle has shaken some faith in what we've relied on for so long. ... In simple terms, he found a way that could allow malicious individuals or groups to blast away DNS responses to affected software for a site's subdomain and get their version of IP addresses to stick for any particular requested DNS query on that domain ... An example of a large threat would be for online banking services, which could have their IP addresses silently changed on an affected ISP's DNS... (eSecurityPlanet)
Kaminsky Reveals Details of Critical DNS Flaw Aug 8, 2008
Kaminsky first stepped into the public eye months ago with a discovery of the fundamental flaw in the DNS protocol, which provides a back and forth "conversation" between host URLs to addresses. If the attacker is able to determine certain crucial request functions, like source and the ID, he or she could then send a phony response that is cached by the DNS server ... Kaminsky had initially requested for members of the security research community to uphold a proposed "discussion blackout" on... (CRN)
Internet's Major Security Problem Also Affects E-Mail Aug 8, 2008
Kaminsky, who spoke Wednesday at the Black Hat hacker conference in Las Vegas, has given few details publicly about the vulnerability he found in the Domain Name System, or DNS, a network of servers used to connect computers to Web sites ... His presentation instantly became one of the Black Hat conference's most anticipated after he announced July 8 that he'd found a major weakness in DNS, a critical part of the Internet's plumbing ... One of those was the susceptibility of many e-mail servers... (Fox News)
Parallels Server for Mac underwhelms Aug 8, 2008
Technology ess Daily. Inexplicably poor support for Mac OS X Server as a guest tops a list of shortcomings that makes Parallels' much-anticipated server virtualization platform a very mixed bag. (InfoWorld)
Samsung, Microsoft in talks to speed up SSDs on Vista Aug 8, 2008
Technology ess Daily. Vista has been optimized to handle hard-drive data in smaller chunks, resulting in inefficient SSD performance when slotted into a disk drive bay. (InfoWorld)
Google Apps hit by prolonged Gmail access problem Aug 8, 2008
Technology ess Daily. Subscribers to the Google Apps hosted software suite were among the users locked out of their accounts for about 15 hours. (InfoWorld)
Put new life into Windows XP Aug 8, 2008
Technology ess Daily. If XP is feeling sluggish or looks and acts outdated, try these tips to give XP a little extra spit and polish. (InfoWorld)
SQL Server 2008's future 'cloudy' Aug 8, 2008
Technology ess Daily. SQL Server 2008's future 'cloudy. (InfoWorld)
Hands on: HP's Mini-Note netbook Aug 8, 2008
Technology ess Daily. Hands on with HP's Mini-Note netbook. (InfoWorld)
RELATED: Officials, nerds ogle security researcher Kaminsky Aug 8, 2008
His talk, "DNS Goodness," detailed origins of the bug, its scope, and how it is being countered ... The underlying flaw is in the Domain Name System (DNS), a network of millions of computer servers that translate words typed into Web browsers into numerical codes that PCs can understand ... DNS attacks aren't new. (USA Today -- Tech)
Kaminsky Details DNS Flaw at Black Hat Talk Aug 7, 2008
The data comes from a talk presented here at the Black Hat security conference in Las Vegas by Dan Kaminsky, the Seattle based IOActive researcher who discovered a fairly trivial way that bad guys could corrupt records found in the domain name system (DNS) and fill them with inaccurate information. On July 8, Microsoft, Cisco, Sun Microsystems and dozens of other Internet companies to fix this fundamental design in DNS, the communications standard that acts as a kind of phone book for the... (Washington Post)
Huge Internet Security Hole Slowly Being Fixed Aug 7, 2008
The underlying flaw is in the Domain Name System (DNS), a network of millions of servers that translate words typed into Web browsers into numerical codes that computers can understand. Getting from one place to another on the Internet typically requires a trip through several DNS servers, including some that accept incoming data and store parts of it ... com and head straight to the real Yahoo site, while at the same moment, a user in New York whose traffic is routed through different DNS... (Fox News)
I-Team: Computer Expert Seeks to Make Internet Safe Aug 7, 2008
"DNS -- The Domain Name System," he said. It works like this. (KLAS-TV.com, NV)
Electronic Privacy Information Center: Privacy Aug 6, 2008
The Domain Name System (DNS) is a distributed hierarchical system used by servers that use the Internet Protocol (IP)to convert IP addresses (such as 85. 135. (Yahoo News -- Online Privacy)
Core problem Aug 6, 2008
While many vendors patched their DNS software weeks ago and a growing number of ISPs have updated their systems to the latest version, Apple did not offer an update until last week ... It is rather ironic that one of the attacks being developed to take advantage of the DNS flaw subverts automatic updating of software, so we Mac users might be tricked into downloading malicious software because we assume it's just another unexpected update pushed at us by Apple. (BBC News -- Technology)
Apple misses mark on DNS patch Aug 5, 2008
Apple has failed to fully patch a DNS vulnerability, say researchers ... Security researchers are claiming that Apple has failed to fully patch the high profile DNS cache poisoning error ... The so-called Kaminsky flaw (named for its discoverer, Dan Kaminsky,) has sent vendors scrambling to patch what is said to be a fundamental vulnerability in the DNS system. (VNUNet.com)
Firewall vendors scramble to fix DNS problem Aug 5, 2008
Some firewall software undoes a feature that was introduced in the DNS patches and could make it easier for attackers to pull off a cache-poisoning attack against the DNS server ... The DNS flaw affects server software made by many vendors, including Microsoft, Cisco Systems, and the Internet Systems Consortium ... Some firewall software undoes a source port randomization feature that was introduced in the DNS patches. (InfoWorld)
Technology - DNS secret fix: The story continues Aug 4, 2008
But the first exploit has already appeared, and many of the Internet s DNS servers still run the problem software and are vulnerable ... But because of the software flaws, it s possible for hackers to poison the data records in a DNS server and have the server invisibly redirect a user to another Web site, one that is fake but appears to be the correct one, Internet address and all ... Security researcher Dan Kaminsky, who discovered the DNS flaw earlier in the spring - and who organized the... (Missoulian, MT)
Top 10 stories of the week Aug 3, 2008
This week's roundup of the top tech news stories includes patching the DNS flaw, the rogue SF admin, Microsoft's post-Windows OS, and more ... Patches for the DNS vulnerability that has generated so much buzz have led to performance problems for servers running BIND (Berkeley Internet Name Domain) software ... BIND is the most popular DNS software. (InfoWorld)
Apple DNS Security Patch Flawed, Leaves Users At Risk Aug 2, 2008
Aug. 02, 2008 Apple finally rolled out a software update to fix the much-heralded Name System (DNS) security flaw, but it seems the celebration may have been premature ... However, several security researchers Friday said Apple's DNS doesn't actually fix the problem and that Mac users are still at risk ... "Did Apple forget to patch something? By the look of things, the DNS client on the OSX 10.4.11 distribution still has not been patched," said security researcher Andrew Storms, director of... (CRN)
IBM X-Force report critical of independent security researchers Aug 2, 2008
A number of security researchers took issue with ISS's conclusions about vulnerability research and disclosure, saying that, especially in the case of the DNS vulnerability, there was little else that could have been done to help protect users ... " SearchSecurity radio: "It created a situation where eventually the security community put customers more at risk by the speculation and flooding of more information, which followed with exploitation code," Lamb said. Internet Security Systems Inc.... (Search Security, MA)
Apple finally patches DNS flaw Aug 2, 2008
Apple finally patches dangerous DNS flaw. Other vendors, including Cisco and Microsoft, had patches ready when the existence of the DNS flaw was disclosed on July 8 ... On Friday, Apple posted a saying that the patch will fix Apple's implementation of the Berkeley Internet Name Domain (BIND) DNS server in Mac OS X v10. (InfoWorld)
Child porn filters to cut Aussie broadband speeds Aug 2, 2008
"I have a number of concerns with this.Firstly, to say the performance difference will not be "noticeable" is assuming every user of the internet is doing basic things like reading emails with a high speed broadband connection. What about businesses who backup offsite over a tunnel or users who depend on as much bandwidth as possible for various things. If you add 20 percent to the time it takes to do these tasks, it could cause all sorts of problems. There's also the poor Australians without... (iT News)
About The Internet DNS Flaw Aug 1, 2008
Its actually a problem with the software behind just about all domain name servers - DNS for short ... Instead we rely on the DNS servers to look them up for us ... But on July 8, security researcher Dan Kaminsky found a flaw in the software used on most DNS servers that make it possible for a hacker to re-direct a DNS. If exploited, that flaw would allow a criminal to re-direct people to the wrong site. (CBS News)
Major Web Flaw Puts Personal Info At Risk Aug 1, 2008
Computer Security Experts Hustle to Protect DNS Servers from Hackers ... Discovered by Dan Kaminsky, a computer security consultant for IOActive, the flaw allows hackers to penetrate the Internet's Domain Name Servers (DNS), a network of servers that acts as the yellow pages of the Internet ... DNS works like this: When you type BankofAmerica. (ABC News)
DNS patches cause problems Jul 31, 2008
Patches released earlier this month to quash a critical bug in the DNS have slowed servers running BIND, the Internet's most popular DNS software, and crippled some systems versions of ... "Given the limited time frame and associated risks we chose to finish the patches ASAP and accelerate our work on the next point releases that would address the high-volume server performance concerns. "Our immediate goal was to make patches publicly available as soon as possible," Vixie explained. Vixie... (InfoWorld)
AT&T first reported victim of DNS attack HD Moore was NOT Pwned Jul 31, 2008
ATt reported victim of DNS attack HD Moore was NOT Pwned - Security. ATt reported victim of DNS attack HD Moore was NOT Pwned ... The irony that HD Moore is at the center of this recent news is not lost on anyone familiar with the security sector of IT. However, the larger issue is that the attack noticed by BreakingPoint was not on their network, but a DNS server on AT&Ts network, making the ISP the first to fall victim to the DNS vulnerability discovered by Dan Kaminsky. (The Tech Herald)
DNS flaw handling leaves Kaminsky pleased Jul 30, 2008
Dan Kaminsky, the security researcher who discovered the DNS cache poisoning flaw, said he made his discovery while trying to speed up content distribution on the Web. Kaminsky, director of penetration testing at IOActive Inc., said he was conducting research on how to use DNS to speed up distribution times by finding the fastest server ... Kaminsky said he knew immediately that he discovered a bad issue because the flaw was affecting the way DNS works, not the way it is implemented. (Search Security, MA)
Security experts knock Apple for not patching DNS bug Jul 29, 2008
July 28, 2008 (Computerworld) has not yet patched a critical Domain Name System (DNS) bug in its Mac , analysts and security researchers noted today as some criticized the company for dragging its feet ... Apple, which integrates considerable open-source code into its operating systems, relies on BIND (Berkeley Internet Name Domain), created by the , for its DNS components ... According to , the researcher who uncovered the DNS flaw in February and helped coordinate a multivendor patch effort,... (Computerworld)
DNS exploit code released by Metasploit founder Jul 29, 2008
Metasploit Project founder H.D. Moore released the exploit for the recent DNS cache-poisoning vulnerability via his Metasploit Framework ... Security researcher Dan Kaminsky announced the July 8 when DNS vendors rallied to conduct a massive coordinated patch release ... A successful DNS attack could happen in seconds. (Search Security, MA)
Secret fix addresses flaw on Net Jul 28, 2008
Just a few weeks ago, it was believed that much of the information about the DNS flaw and fixes might not be revealed for some time, as the researchers knew the details could possibly tip off black hat hackers to vulnerabilities ... By then, the DNS system would be mostly secure, and even if hackers figured out how to exploit the vulnerability, it wouldn't be there anymore ... The DNS flaw if exploited by hackers would let them fool users into thinking they were at a genuine Web site. (Missoulian, MT)
Windows Mojave Launches! Jul 28, 2008
50+ On-demand DNS and network. Windows into Silicon Valley. (NetworkWorld.com)
Update: Security Expert, Hacker, Launch DNS Attack Code Jul 27, 2008
HD Moore, the creator of the Metasploit penetration testing framework, and a hacker who goes by the alias "I)ruid" have launched attack code exploiting the DNS flaw made public earlier this month by Dan Kaminsky, director of penetration testing at Seattle-based IOActive Inc. ... The exploit will allegedly never be able to run on Windows, which means attackers or testers will need to use on of the above platforms to launch a DNS attack ... The vulnerabilities in the Domain Name System (DNS)... (eFluxMedia)
Attacks begin on net address flaw Jul 26, 2008
"We are in a lot of trouble," said security guru Dan Kaminsky who found the flaw in the net's Domain Name System (DNS) in March 2008 ... The DNS acts as the net's address system and helps computers translate the website names people use, such as bbc. (BBC News)
Companies and ISPs still not patched against Kaminsky DNS ... Jul 26, 2008
Companies and ISPs still not patched against Kaminsky DNS vulnerability - Security. Companies and ISPs still not patched against Kaminsky DNS vulnerability ... Kaminsky's discovery of DNS flaws is the biggest security story of the month, and it will likely see even more coverage now that, and both concept and exploit code are also available. (The Tech Herald)
All about face Jul 26, 2008
The details of the DNS bug have now made their way into the public arena, opening the flood gates for hackers seeking an easy exploit ... The flaw can be exploited to launch DNS cache poisoning attacks, which essentially cause Internet servers and ISPs to accept false information. (Asia Times Online)
Gateway to Stop Selling PCs Through Web Site Jul 26, 2008
- July 23, 2008 10:33 AM If you even suspect you have a DNS nameserver running in your company, it's critical you patch it immediately. - July 24, 2008 3:25 PM The latest beta of Yahoo's hybrid e-mail client enables offline access to Web-based and traditional messaging systems. (PC World)
Mossberg Pans MobileMe: Did Apple Screw Up? Jul 26, 2008
50+ On-demand DNS and network. Nearpoints. (NetworkWorld.com, MA)
Hackers get hold of critical Internet flaw... Jul 25, 2008
"We are in a lot of trouble," said IOActive security specialist Dan Kaminsky, who stumbled upon the Domain Name System (DNS) vulnerability about six months ago and reached out to industry giants to collaborate on a solution ... DNS is used by every computer that links to the Internet and works similar to a telephone system routing calls to proper numbers, in this case the online numerical addresses of websites. (The Drudge Report)
Fugitive Spam King Dead in Apparent Murder-suicide Jul 25, 2008
- July 23, 2008 10:33 AM If you even suspect you have a DNS nameserver running in your company, it's critical you patch it immediately ... DNS servers are one of the most critical, yet vulnerable, network infrastructure applications. (PC World)
BakBone Gets Into Recovery Jul 25, 2008
Enterprise Strategy Group analyst Lauren Whitehouse called the offering " for Windows servers and applications saving data continuously, which reduces the amount of data that could be lost between disruption and recovery. If there is an interruption, an IT administrator can fail over to the secondary copy. Real-Time serves up the application and data rapidly to minimize downtime. "It's a nice complement to batch backup strategies, especially for organizations that have tiers of applications that... (EnterpriseStorageForum)
Attack Code Released for New DNS Attack Jul 24, 2008
Hackers have released software that exploits a recently disclosed flaw in the Domain Name System (DNS) software used to route messages between computers on the Internet ... Internet security experts warn that this code may give criminals a way to launch virtually undetectable phishing attacks against Internet users whose service providers have not installed the latest DNS server patches ... Kaminsky had worked for several months with major providers of DNS software such as Microsoft, Cisco and... (PC World)
Microsoft's Online Woes Hint at Larger Vulnerability Jul 24, 2008
- July 23, 2008 10:33 AM If you even suspect you have a DNS nameserver running in your company, it's critical you patch it immediately. - July 23, 2008 4:21 PM A new open source project is develoing a new micro-kernel database based on MySQL, targeted at large-scale Web applications. (PC World)
Attack code imminent for DNS flaw Jul 24, 2008
Hackers say they should have attack code for the DNS bug within days; attackers could redirect a company's customers to malicious Web sites without their knowledge ... One day after a security company accidentally posted details of a serious flaw in the Internet's Domain Name System (DNS), hackers are saying that software that exploits this flaw is sure to pop up soon ... And that's bad news, according to Paul Vixie, president of the company that is the dominant maker of DNS software, the... (InfoWorld)
NBN bigger than Snowy Mountains Scheme, says Govt Jul 24, 2008
Two weeks of silence helped, says researcher who found critical flaw The researcher whose speculation led to an early disclosure of information about a critical flaw in the Domain Name System (DNS), the Internet's traffic cop, wasn't the first to come close to the truth, said the security expert who found the bug and organized a massive patching effort. 24 July, 2008 14:27:59. (CIO Australia)
With DNS Flaw Now Public, Attack Code Imminent Jul 23, 2008
One day after a security company accidentally posted details of a serious flaw in the Internet's Domain Name System (DNS), hackers are saying that software that exploits this flaw is sure to pop up soon ... And that's bad news, according to Paul Vixie, president of the company that is the dominant maker of DNS software, the Internet Systems Consortium ... The attack can be used to redirect victims to malicious servers on the Internet by targeting the DNS servers that serve as signposts for all... (PC World)
MySpace Eases Data Portability Policies, Adopts OpenID Jul 23, 2008
- July 22, 2008 Hackers say that they will soon develop attack code that exploits a recently published, critical DNS bug. Latest Expert Blogs. (PC World)
Details of DNS flaw posted Jul 23, 2008
Blog discusses the technical details of an Internet bug that attackers could use to launch a DNS cache poisoning attack ... A computer security company on Monday inadvertently published details of a major flaw in the Internet's DNS several weeks before they were due to be disclosed ... The companies released a fix for the bug two weeks ago and encouraged corporate users and Internet service providers to patch their DNS systems as soon as possible. (InfoWorld)
Reviews: Cloud versus cloud Jul 23, 2008
Load balancing, DNS, 500GB of storage, and incoming data transfers are free. Outbound data transfers cost 25 cents per gigabyte. (InfoWorld)
Who's Really at Risk From the DNS Flaw? Jul 22, 2008
Who's Really at Risk From the DNS Flaw ... Who's Really at Risk From the DNS Flaw ... With DNS so vital to the operation of the Internet, security threats to it need to be taken seriously. (eSecurityPlanet)
DNS Flaw Details Leaked Accidentally Jul 22, 2008
Details of the Domain Name System (DNS) flaw uncovered by security researcher Dan Kaminsky have found their way into the public arena ... Earlier today, a security researcher posted their hypothesis regarding Dan Kaminskys DNS finding," he wrote. "Shortly afterwards, when the story began getting traction, a post appeared on our blog about that hypothesis ... The flaw, which can be exploited to launch DNS cache poisoning attacks against DNS servers, was discovered by Kaminsky several months ago... (eWeek)
Installing the MySQL database server securely: Jul 21, 2008
He is also the author of Hardening Linux, which focuses on hardening Linux hosts including the base operating system, file systems, firewalling, connections, logging, testing your security and securing a number of common applications including e-mail, FTP and DNS.. James has previously worked as an Executive Manager of IT Security at the Commonwealth Bank of Australia, the CIO of a medical research foundation doing Web-based clinical trials, managing the architecture group of an outsourcing... (Search Enterprise Linux)
Internet addresses are limited Jul 21, 2008
(The DNS system - kind of like a phone book for the Internet - handles the translation of the user-friendly alphabetical addresses into not user-friendly but machine-friendly IP numbers). The current IP version 4 - called IPv4 - is forecast to run out of address space soon - as early as 2011, some say. (Missoulian, MT)
The Story Behind San Francisco's Rogue Network Admin Jul 20, 2008
PC World - Business Center: The Story Behind San Francisco's Rogue Network Admin. Smart Technology for Smart Companies Topics. (PC World)
Hackable Broadband Left Unpatched Jul 19, 2008
As of Thursday, Internet providers including AT (nyse: - - ), Time Warner Cable (nyse: - - ), Cablevision (nyse: - - ) and EarthLink (nasdaq: - - ) had yet to install the software patch that would protect their customers from a cybercriminal exploit known as Domain Name System (DNS) Cache Poisoning, according to the findings of a Web-based analysis tool created by Dan Kaminsky, the security researcher who originally found the bug. The security flaw, found in the DNS servers used by large... (Forbes -- Technology)
DNSstuff Releases Freeware to Detect Vulnerable DNS Servers Jul 18, 2008
DNSstuff Freeware Detects Vulnerable DNS Servers ... DNSstuff Freeware Detects Vulnerable DNS Servers ... DNSstuff Freeware Detects Vulnerable DNS Servers. (eWeek)
RIM Warns BlackBerry Admins of BES Security Flaw Jul 18, 2008
- July 17, 2008 11:58 AM Here's a quick test to see if your company's DNS servers, which guide all Internet traffic, are at risk from a major flaw disclosed last week. Featured Resources. (PC World)
Net scare sparks loophole fears Jul 17, 2008
"It is important to note that without changes to the DNS (domain name system) protocol these mitigations cannot completely prevent cache poisoning," the agency says on its website ... The flaw exploits how the internet's address mechanism, known as the domain name system (DNS), works ... DNS allows people to visit websites by typing in words - such as google. (Sydney Morning Herald -- Technology)
Industry moves as one to patch massive Internet security hole Jul 16, 2008
This might have been the work of science fiction until this weeks announcement of a major design flaw in the Domain Name System (DNS) that runs the internet, writes Stewart Twynhamt ... com - and thats where the DNS or Domain Name System comes in ... So DNS servers are spread around the world, acting like phone books for your local area. (Accounting Web, UK)
Vendors rally to repair dangerous DNS flaw Jul 15, 2008
A dangerous error in the core element of how the Internet runs was patched in a coordinated release of updates issued by the vendors that sell Domain Name System (DNS) servers ... in the way the DNS server handles Internet traffic ... DNS servers are very old and stable software components but they interact with routers and other company systems, he said. (Search Security, MA)
Transcript: Security Bites 107: Dan Kaminsky Jul 15, 2008
Me: You mentioned that you didn't expect to discover this particular vulnerability, the DNS vulnerability ... And it's the same for Web browsers and it's for Office clients and it is for DNS servers, everything has capabilities, everything has more capabilities than they were originally designed to have ... I know I wasn't to going to ask directly about the DNS thing, but you discovered it say early in the year and then you had a meeting with the vendors and then you arrived at a date where... (CNET News)
Electronic Privacy Information Center: Privacy Jul 14, 2008
The Domain Name System (DNS) is a distributed hierarchical system used by servers that use the Internet Protocol (IP)to convert IP adresses (such as 85. 135. (Yahoo News -- Online Privacy)
Is DNSSEC the Answer to Internet Security? Jul 14, 2008
InternetNews Realtime IT News - Is DNSSEC the Answer to Internet Security ... Is DNSSEC the Answer to Internet Security ... The technology to secure the DNS system has been around for four years, yet many servers don t use it. (SmallBusinessComputing)
Nominum's Software Update Protects Networks From New DNS Security Vulnerability Jul 13, 2008
July 9 /PRNewswire/ -- Nominum, the leading provider of network naming and addressing technologies, announced that latest versions of it's Caching Name Server and Vantio Base Server software meet and exceed the tightened DNS security measures required to address a new DNS security threat announced by the United States Computer Emergency Readiness Team (US-CERT) Vulnerability notice number 800113 on July 8th, 2008. (Logo: ) Nominum's expertise with DNS and its vantage point in more than 100... (PR Newswire)
An 'Important' Patch Tuesday Jul 13, 2008
MS08-037 fixes two problems in the Windows Domain Name System (DNS) that might allow a remote attacker to redirect network traffic to their own systems instead ... "The two DNS vulnerabilities are very serious because there is potential to poison both the DNS Server and Client. If an attacker poisons the cache of a client by spoofing a response, it only affects a single computer, but if they poison the DNS Server, they could potentially provide spoofed responses to all clients utilizing that... (eSecurityPlanet)
