Exploits on the Loose for DNS Flaw

Security researcher Dan Kaminsky was preempted this week when exploit code was released for the DNS security problems that he intended to reveal at the upcoming Black Hat security conference.

Kaminsky had taken special care to ensure that information about the DNS problem was kept quiet until major software vendors had made patches available to fix the problem. Such a patch was part of Microsoft's July updates. Other major DNS software providers, including ISC--makers of BIND--also released updates.

However, this week other researchers speculated openly about the exact nature of the problem and eventually at least two different exploits were released into the wilds of the Internet. One exploit is a plugin for the popular Metasploit Framework, which automates attacks. Another exploit is a python script that can be edited to target any particular DNS server. Both exploits could allow an intruder to manipulate DNS records which in turn could misdirect users to malicious websites.

The obvious solution for protection against attacks is to update DNS software to a version that isn't vulnerable. If that's not possible then DNSSEC can be implemented to guard against this particular attack vector.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.