SecurityRatty: tag: dns

An Update to Photobucket's DNS Hijacking

2008-06-24 06:08:15 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...DNS records by Turkish hacking group , the second high profile DNS hijack for the past two months next to Comcast.net's DNS hijacking in May , domain registrant impersonation attacks seems to fully work, and Tier 1 domain registrars remain susceptible to them So far, none of these DNS hijacks served any malware, live exploits, or bogus home...

Tags: dns, photobucket, complete dns replication, dns records, complete, site, replication, photobucket site, domain photobucket

New Open-Source DNS Server Supports DNSSEC

2008-05-20 10:35:23 by Editor in Cheap Hack

...DNS server. It's an important program. Unbound is so-named to contrast it to BIND (Berkeley Internet Name Domain) , the overwhelmingly most popular recursive DNS (Domain Name System) server on the Internet. But BIND, which is also open source, is not many people's favorite program. It has a long history of serious security problems and is not...

Tags: dns, dns servers, authoritative dns servers, popular recursive dns, recursive, protect dns results, source, unbound, bind

What Dans DNS Checker Doesnt Do

2008-07-10 23:03:03 by Chris Eng in Zero in a bit

...Dns utility doesnt Poison anybodys DNS cache Expose how the actual exploit works What it does is check whether your ISPs DNS server is patched. Plain and simple. It looks for one thing source port randomization. This does not give away the exploit, it checks for the existence of the sledgehammer fix that prevents the exploit from working...

Tags: server, dans server, isps dns server, server dan controls, coms dns server, dns server, source port, source port varies, source port randomization

Massive Coordinated Patch Effort To DNS System Flaw

2008-07-08 17:56:25 by Editor in Cheap Hack

...DNS client and server patch in today's Microsoft monthly patches wasn't just a Microsoft problem. It was part of a coordinated effort to patch numerous DNS servers for a series of problems that are common to DNS implementations. The US-Cert advisory on the problem describes three problems which, research has shown, can be combined into...

Tags: microsoft monthly patches, microsoft, dns servers, isc bind, isc, servers, attacks, internet systems consortium, status

Massive Patch Effort Coordinated for DNS System Flaw

2008-07-08 17:56:25 by Editor in Cheap Hack

...DNS client and server patch in the July 8 set of Microsoft monthly patches wasn't just a Microsoft problem. It was part of a coordinated effort to patch numerous DNS servers for a series of problems that are common to DNS implementations. The US-CERT advisory on the subject describes three problems that, research has shown, can be combined...

Tags: microsoft monthly patches, microsoft, dns servers, isc bind, isc, servers, attacks, internet systems consortium, status

'The' DNS Issue of 2008

2008-07-10 02:54:02 by JJ in Security Uncorked

...DNS issue. The bug was found earlier this year, but the discoverer ( Dan Kaminsky ) and team worked fervently with leaders of the technology industry to create patches for all platforms before the big announcement. And- kudos to them all for keeping zipped lips until the problem could be contained (despite all the heckling and harassing You...

Tags: dns, dns issue, dns servers, servers, post-black hat blogs, black hat, dns server, server, post

Security Matters: Lesson From the DNS Bug: Patching Isn't Enough

2008-07-23 19:00:00 by Bruce Schneier in Wired Security

...DNS cache poisoning. The DNS system is what translates domain names people understand, like www.schneier.com, to IP addresses computers understand: 204.11.246.1. There is a whole family of vulnerabilities where the DNS system on your computer is fooled into thinking that the IP address for www.badsite.com is really the IP address for...

Tags: security, security engineer, security engineer brings, security holes, smart design choice, design, security engineers, kaminsky, dan kaminsky

Update on the DNS Vulnerability: 0-day

2008-07-22 14:20:09 by JJ in Security Uncorked

...DNS vulnerability Based on posts and Twitters last night from Dan and the snippits of information I gleaned from fellow Security Twits and bloggers I think we are all aware that the DNS vulnerability is now out in the open The team that discovered the vulnerability was due to release details of the exploit at BlackHat (in 2 weeks)....

Tags: vulnerability, dns vulnerability, dns server, details, release details, fellow security twits, exploit, nother story, information

DNS resolution path corruption: Guard your registry

2008-02-12 08:15:59 by Editor in Adventures in Security

A new type of DNS attack can not only redirect domain name resolution requests to a malicious server, it can also modify a victim's registry so that his or her PC always uses the malicious DNS server. According to the original designer of DNS, this is becoming a serious issue--one that will probably require a large breach before many in the...

Tags: dns, malicious dns server, dns attack, registry, resolution requests, original designer, redirect domain, malicious server, require

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo