SEARCH RESULTS
 
Showing 1-10 of 12 records
 
Expand article

New Open-Source DNS Server Supports DNSSEC

2008-05-20 10:35:23 by Editor in Cheap Hack
 
...BIND (Berkeley Internet Name Domain) , the overwhelmingly most popular recursive DNS (Domain Name System) server on the Internet. But BIND, which is also open source, is not many people's favorite program. It has a long history of serious security problems and is not considered high performance. Recursive, as opposed to authoritative DNS...
 
Tags: dns, dns servers, authoritative dns servers, popular recursive dns, recursive, protect dns results, source, unbound, bind
 
 
 
 
Expand article

Storm-Bot stripshow analysis

2007-12-23 22:06:00 by Russ McRee in HolisticInfoSec.org
 
...bind(8c, port=26790 77e7ac53 CreateRemoteThread(h=ffffffff, start=404b05 40da1b bind(b8, port=7018 40d9c7 listen(h=b8 40a262 WaitForSingleObject(d4,2710 Nice, do a little time sync, allow ourselves through the firewall, then bind, listen, and wait First, add another registry entry 0cd2d RegCreateKeyExA...
 
Tags: 40d9f1 connect, w32tm config syncfromflags, config, time, quick time check, w32tm config, exe, src78, dst192
 
 
 
 
Expand article

Massive Coordinated Patch Effort To DNS System Flaw

2008-07-08 17:56:25 by Editor in Cheap Hack
 
...BIND generates cryptographically weak DNS query IDs VU#927905 - BIND version 8 generates cryptographically weak DNS query identifiers The advisory lists 101 DNS servers, their status and the date of their last update. For the large majority of the servers the status is "Unknown," but several important ones are listed as Vulnerable and all of...
 
Tags: microsoft monthly patches, microsoft, dns servers, isc bind, isc, servers, attacks, internet systems consortium, status
 
 
 
 
Expand article

Massive Patch Effort Coordinated for DNS System Flaw

2008-07-08 17:56:25 by Editor in Cheap Hack
 
...BIND generates cryptographically weak DNS query IDs VU#927905 - BIND Version 8 generates cryptographically weak DNS query identifiers The advisory lists 101 DNS servers, their status and the date of their last update. For the large majority of the servers the status is "Unknown," but several important ones are listed as Vulnerable and all of...
 
Tags: microsoft monthly patches, microsoft, dns servers, isc bind, isc, servers, attacks, internet systems consortium, status
 
 
 
 
Expand article

Massive Patch Effort Coordinated for DNS System Flaw

2008-07-08 17:56:25 by Editor in Cheap Hack
 
...BIND generates cryptographically weak DNS query IDs VU#927905 - BIND Version 8 generates cryptographically weak DNS query identifiers The advisory lists 101 DNS servers, their status and the date of their last update. For the large majority of the servers the status is "Unknown," but several important ones are listed as Vulnerable and all of...
 
Tags: microsoft monthly patches, microsoft, dns servers, isc bind, isc, servers, attacks, internet systems consortium, status
 
 
 
 
Expand article

Two-way formatted data binding in ASP.NET

2008-08-15 20:22:37 by keith-brown in Security Briefs
 
...binding in ASP.NET is easy, just use the Bind expression and data will flow between your web controls and your data source flawlessly. Until that is, you try to use a format string Bind("AmountCharged", "{0:C While this displays just as you'd expect (e.g., $200), it doesn't do so well when you submit an edit that includes the same value...
 
Tags: data, data amountpaid, amountpaid, data-bound control, decimal amountpaid, return decimal, return, data source flawlessly, decimal
 
 
 
 
Expand article

Patrick Smith on Aviation Security

2008-01-11 13:47:35 by schneier in Schneier on Security
 
...bind. The willingness of our carriers to allow flying to become an increasingly unpleasant experience suggests a business sense of masochistic capitulation. On the other hand, imagine the outrage among security zealots should airlines be caught lobbying for what is perceived to be a dangerous abrogation of security and responsibility -- even...
 
Tags: security, actual security, security zealots, security experts, security spectacle, expect street protests, airport security, expect, american public
 
 
 
 
Expand article

Security Function as a Business Enabler

The Article has images
2008-06-27 20:50:00 by RaviC in Musings on Information Security
...bind the various components cohesively that aligns with the ultimate business objective. By this business will view security organization with dignity else security organization will end up being a spoke in the wheel of business In the past, I was involved in discussion about the ROI of information security and security is insurance and so...
 
Tags: security, view security organization, security organization, business, information security function, organization, information security, cohesive security strategy, strategy
 
 
 
 
Expand article

No, I Dont Know the Answer to the Big DNS Secret

2008-07-09 15:26:37 by Chris Eng in Zero in a bit
 
...BIND diffs (yes, I did it too) and discussing with colleagues, all most people saw was UDP source port randomization and a better PRNG for generating the transaction ID, the latter of which would appear to be related to Amit Kleins cache poisoning attack from about a year ago What Rich was really saying is that you can reverse engineer the...
 
Tags: design, excellent design protects, excellent design, dan, dan kaminsky, dan bernstein, tom ptacek, attack surface, attack