[Owasp-Mumbai] DNS poisoning - wide impact

Kamat, Jitesh Jitesh.Kamat at gs.com
Thu Jul 10 16:18:41 EDT 2008


Dan Kaminsky will provide details on the vuln. during Blackhat2008 in
Vegas, [I'll be there : -)] but initial reports suggest that it is a
fundamental design issue which makes guessing DNS query transaction ID
possible. (as they say, look closely and there is a pattern even in
randomness : -)

With much press attention on this issue, wanted to share a refresher on
cache attacks with the list : http://www.lurhq.com/dnscache.pdf 

It's a good read.

-Jitesh Kamat


-----Original Message-----
From: Yash Kadakia [mailto:teccoder at gmail.com] 
Sent: Thursday, July 10, 2008 1:38 PM
To: Kamat, Jitesh
Cc: owasp-mumbai at lists.owasp.org
Subject: Re: [Owasp-Mumbai] DNS poisoning - wide impact

Problems such as DNS Poisoning, DNS Pinning have existed for a while. 
Unfortunately most organizations wait for an out-break to occur before 
any security measures are taken.

Anyway that being said, I am glad that at-least some effort has been 
taken to patch this flaw.
--
Yash Kadakia


Kamat, Jitesh wrote:
> Most of you are probably already aware of the recent DNS poisoning
> vulnerability (read more here:
> http://www.darkreading.com/document.asp?doc_id=158442&WT.svl=news1_2)
> that was discovered by Dan Kaminsky. To remediate this one , major
> players in the industry have collaborated - this is an impressive
> effort. 
>
> Readup Kaminsky's blog which also has a quick DNS checker to find if
> your own firm's DNS is vulnerable: http://www.doxpara.com/?p=1162 
>
>   - Jitesh Kamat          
> _______________________________________________
> OWASP-Mumbai mailing list
> OWASP-Mumbai at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-mumbai
>   


More information about the OWASP-Mumbai mailing list