[Owasp-Mumbai] DNS poisoning - wide impact
Jitesh.Kamat at gs.com
Thu Jul 10 16:18:41 EDT 2008
Dan Kaminsky will provide details on the vuln. during Blackhat2008 in
Vegas, [I'll be there : -)] but initial reports suggest that it is a
fundamental design issue which makes guessing DNS query transaction ID
possible. (as they say, look closely and there is a pattern even in
randomness : -)
With much press attention on this issue, wanted to share a refresher on
cache attacks with the list : http://www.lurhq.com/dnscache.pdf
It's a good read.
From: Yash Kadakia [mailto:teccoder at gmail.com]
Sent: Thursday, July 10, 2008 1:38 PM
To: Kamat, Jitesh
Cc: owasp-mumbai at lists.owasp.org
Subject: Re: [Owasp-Mumbai] DNS poisoning - wide impact
Problems such as DNS Poisoning, DNS Pinning have existed for a while.
Unfortunately most organizations wait for an out-break to occur before
any security measures are taken.
Anyway that being said, I am glad that at-least some effort has been
taken to patch this flaw.
Kamat, Jitesh wrote:
> Most of you are probably already aware of the recent DNS poisoning
> vulnerability (read more here:
> that was discovered by Dan Kaminsky. To remediate this one , major
> players in the industry have collaborated - this is an impressive
> Readup Kaminsky's blog which also has a quick DNS checker to find if
> your own firm's DNS is vulnerable: http://www.doxpara.com/?p=1162
> - Jitesh Kamat
> OWASP-Mumbai mailing list
> OWASP-Mumbai at lists.owasp.org
More information about the OWASP-Mumbai