Home > Blogs > Kaminsky DNS Forgery Attack Public - PATCH NOW!

Kaminsky DNS Forgery Attack Public - PATCH NOW!

In case you missed it, Dan Kaminsky, DNS and security guru discovered a MAJOR bug in DNS that is...well, no one really knew! However, it was bad enough for all DNS experts around the world and DNS software vendors to fix the problem in what has to be the biggest collective patch ever - without a single leak. Well, hackers being hackers don't need a leak to figure out a problem. They just need a rough idea to fuel the possibilities...

Yes. The information is public. Slashdot has it. Blogs have it. We aren't going to post it, but it shouldn't take you long to find it.

So, is it really THAT bad? Well, yes. Basically, Dan figure out how to poison ANY DNS servers cache. The end result - people using the DNS server will think they are at Paypal, but are really at evilguy.com.

Crap - it looks like I am headed back to IP address look ups for a while! At least until I know my DNS server (and the servers it queries) are patched...

Become an InformIT Member

Take advantage of special member promotions, everyday discounts, quick access to saved content, and more! Join Today.