August 6, 2008 - Doomsday or Dud?

Dan Kaminsky, Director of Penetration Testing for IOActive, Inc., has put his reputation on the line to protect the internet.

He’s discovered a flaw in DNS that could leave it open to DNS poisoning. For non-techies, DNS is what matches a web name like google.com to an IP address like 72.14.207.99 – the actual address of the website. A bad guy using this exploit could cause you to type in google.com and go somewhere else entirely; unlike with normal phishing sites or redirects, you wouldn’t know the difference.

The details are sketchy, but Mr. Kaminsky has been working with all the big guns to simultaneously release a patch to fix this issue on all platforms. Since it’s a patch going out to individuals, I gather it’s something that affects client machines and not (or not just) the name servers themselves.

If you have automatic updates on your computer, you’ve received the patch this last Tuesday. If you don’t update automatically, go to your OS update site and update NOW.

Mr. Kaminsky estimates it’ll take the bad guys about a month to figure out the flaw once its presence is announced. So, August 6, 2008 is put out as the deadline to update. I wouldn’t wait.

If you want to test your own DNS, he’s provided a checker on his blog. Click on the ‘Test My DNS’ button on the right sidebar.

Links of interest:
Dan Kaminsky’s blog post on the DNS poisoning exploit
Dan Kaminsky on putting his reputation on the line
Dino Dai Zovi’s blog entry (he is one of two people to do a peer review on Dan’s work)

And lastly, if you haven’t already, patch.


Comments

1 Fiz - Aug 16, 04:06 AM

What’s scary is how many people <i>still</i> haven’t patched yet.

2 Fiz - Aug 16, 04:07 AM

Sorry, forgot you do Italics like this here :)
