Many of you may have heard of the DNS vulnerability that was announced by Dan Kaminsky on July 8th and explained at this summers Black Hat conference (See the an interview with Dan at Black Hat 2008 below). You can also get media from the presentation (mp3, video, PowerPoint slides) off of the Black Hat 2008 archives
Well Steve Friedl has put together one of the most comprehensive guides/explinations of the vulnerability on his site www.unixwiz.net and I urge anyone who’s running a DNS server of any type to give it a read. Also if you don’t already, check out Dan Kaminsky’s website DoxPara Research for great security related info. Also there’s a tool on the right hand side of Dan’s site that allows you to see if the DNS servers your computer is querying are vulnerable to the flaw.
As always leave any comments questions or feedback in the comment section below.
If you enjoyed this post, make sure you subscribe to my RSS feed!