The Kaminsky DNS vulnerability

Many of you may have heard of the DNS vulnerability that was announced by Dan Kaminsky on July 8th and explained at this summers Black Hat conference (See the an interview with Dan at Black Hat 2008 below). You can also get media from the presentation (mp3, video, PowerPoint slides) off of the Black Hat 2008 archives 


Well Steve Friedl has put together one of the most comprehensive guides/explinations of the vulnerability on his site www.unixwiz.net and I urge anyone who’s running a DNS server of any type to give it a read. Also if you don’t already, check out Dan Kaminsky’s website DoxPara Research for great security related info. Also there’s a tool on the right hand side of Dan’s site that allows you to see if the DNS servers your computer is querying are vulnerable to the flaw. 

As always leave any comments questions or feedback in the comment section below.

If you enjoyed this post, make sure you subscribe to my RSS feed!

Published by

LiamM

I'm a self labeled Nerd who enjoys Playing Video Games, restoring classic muscle cars (i have a 65' Mustang in the works) , Running Big Data Clusters, Tattoos, Working on System Automation, Riding and customizing Motorcycles, and writing python Code. I'm an SRE with DemonWare/Activision Specializing in Big Data/Hadoop operations but all opinions and views expressed on this site are solely my own.