The Active Network
ActiveMac Anonymous | Create a User | Reviews | News | Forums | Advertise  
 

  *  

  Details on DNS flaw inadvertently leaked; researcher says patch now
Time: 00:04 EST/05:04 GMT | News Source: BetaNews | Posted By: Kenneth van Surksum

The cat is out of the bag before Black Hat. That isn't a passage from a Dr. Seuss children's book, but a description of what happened on Monday when a Web site accidentally posted details about a DNS flaw uncovered by security researcher Dan Kaminsky earlier this month.

Kaminsky, who plans to discuss the flaw at the forthcoming Black Hat security conference in Las Vegas next month, had wanted to keep the details private until then, in hopes of preventing the flaw from being used for malicously redirecting Internet traffic to phony Web sites for large-scale phishing exploits.

Write Comment
Return to News

  Displaying 1 through 25 of 315
Last | Next
  The time now is 10:16:13 AM ET.
Any comment problems? E-mail us
#1 By 23275 (68.186.182.236) at 7/23/2008 4:59:04 AM
Well... this cat is out of the bag.

AD DNS operators that do not have recursion enabled, and do not face the public Internet relax - you had a patch a good bit ago (along with most other DNS types). This applies most to operators of "Host Named" DNS servers like our own .41 and .42 that are authoritative delegates for assigned address spaces (forward and reverse delegate authorities) and that do have recursion enabled - simply, open to the public networks.

Patching is not enough. "IF" your host named DNS server "WAS" behind a NAT and your firewall manufacturer does not have a work-around, or a patch, the NAT device itself can leave the Host Named DNS vulnerable. You'll have to move your Host Named DNS servers into the DMZ and in front of a NAT device, or the device itself will return patterned, or predictable port numbers and make vulnerable an otherwise patched DNS server.

It's a mess now, but happily, people have been cooperating for many months and patches are available. However, architectural changes have to be made in many cases. If you have not patched, do so now. If your Host Named DNS with Recursion Enabled is behind a NAT, move it to the DMZ.

#2 By 54556 (67.131.75.22) at 7/23/2008 11:34:12 AM
Good point Llyod. Its a pity that the BetaNews coverage was not complete enough to point out the NAT implications to the workarounds that are being distribeduted as patches.

#3 By 23275 (68.186.182.236) at 7/23/2008 12:54:51 PM
#2, Yes, it was/is potentially very confusing for people. Our own case is representative of what can happen. When I first discussed this with our team, the immediate reply was, "we're patched up and god to go"

That didn't seem right to me - as we had an edge firewall ahead of our split DNS Authoritative Host Named DNS Servers). I ordered more tests and sure enough, returns from behind the NAT device, regardless of one to one publishing rules (e.g., no proxy at all, but a straight pass-through), reflected unique TXT ID's; however, the ports being assigned by the NAT were sequential (bad news). So we had to plan to move things and not use NAT to protect the D-DNS servers. We tested again and both ports and TXT ID's were random (as they should be).

BTW, I should have provided this test link in my first post, http://www.doxpara.com there is a check my DNS button - for all users/public host named DNS operators with recursion enabled, please ensure that your systems return no discernable patterns.

#4 By 9589 (76.6.29.196) at 7/23/2008 3:49:51 PM
Lloyd, thank you for including the web site above in your discussion.

jdh

#5 By 9589 (76.6.29.196) at 7/23/2008 3:50:18 PM
Double post . . .

This post was edited by jdhawk on Wednesday, July 23, 2008 at 15:50.

#6 By 868449 (27.159.217.201) at 12/12/2012 1:53:11 AM
The next time I read a blog, I hope that it doesnt disappoint me as a lot as this 1. I mean, I know it was my choice to read, but I really thought youd have something interesting to say. All I hear is actually a bunch of whining about some thing which you could fix for those who werent too busy seeking for attention.


<a href=http://www.discount-airjordans.com/air-jordan-fusion-c-118.html>mens cheapest jordans</a>


<a href=http://www.freerunning3.com/nike-free-5-0/>billig Nike Free 5.0</a>

#7 By 958801 (200.84.73.101) at 12/18/2012 2:48:37 PM
I discovered your weblog web site on google and check a couple of of your early posts. Continue to maintain up the rather great operate. I just additional up your RSS feed to my MSN News Reader. Looking for forward to reading additional from you later on!


<a href=http://jerseys205.66ghz.com/>Youth NFL Jerseys</a>


#8 By 4240821 (213.139.195.162) at 10/27/2023 7:10:09 AM
https://sexonly.top/get/b168/b168ntmedhlseojjquq.php
https://sexonly.top/get/b178/b178dkktrzijwasoqyt.php
https://sexonly.top/get/b360/b360wgwboiacvznutsd.php
https://sexonly.top/get/b641/b641wonflbgxckmjphi.php
https://sexonly.top/get/b969/b969yiewhuewrhzkmur.php
https://sexonly.top/get/b981/b981lxewnbszoaiixzh.php
https://sexonly.top/get/b931/b931dpgojhzrkllbkhj.php
https://sexonly.top/get/b139/b139hiwmhpsgfpiamle.php
https://sexonly.top/get/b921/b921zyheigdvvwmoamq.php
https://sexonly.top/get/b970/b970fhkrulkjjxktxoq.php
https://sexonly.top/get/b337/b337iqnbjwmsotuovpq.php
https://sexonly.top/get/b812/b812bgffwytvdqtwlon.php
https://sexonly.top/get/b874/b874wgstnbqqfvzhoac.php
https://sexonly.top/get/b856/b856rcmsmygybthlato.php
https://sexonly.top/get/b589/b589bvohqnetqetpzmp.php
https://sexonly.top/get/b989/b989gijlkmlfvqslncl.php
https://sexonly.top/get/b927/b927dmcjkxdeikgfgij.php
https://sexonly.top/get/b233/b233dvnguafohgnxkgg.php
https://sexonly.top/get/b55/b55ppnjhsixvonzoqi.php
https://sexonly.top/get/b460/b460tjlohpeclzavney.php
https://sexonly.top/get/b677/b677nhrshnznpghzzpj.php
https://sexonly.top/get/b940/b940tvuyhttxiywfqoc.php
https://sexonly.top/get/b572/b572vsdgjqjymwhkgyp.php
https://sexonly.top/get/b703/b703qaizdqkuljofcjm.php
https://sexonly.top/get/b802/b802frolunnduiwyqfb.php
https://sexonly.top/get/b478/b478uewubhfquavihsn.php
https://sexonly.top/get/b184/b184pztettvyadtnvho.php
https://sexonly.top/get/b518/b518wlfcebmhgxnezvv.php
https://sexonly.top/get/b138/b138vrqarlkqdujbzss.php
https://sexonly.top/get/b800/b800rnbfbciifglauqz.php
https://sexonly.top/get/b429/b429jxtdfbvufggolse.php
https://sexonly.top/get/b747/b747ftwjccwisfnhcwr.php
https://sexonly.top/get/b481/b481kiurtctfpwdofcw.php
https://sexonly.top/get/b447/b447bdjzadrnjajjolu.php
https://sexonly.top/get/b299/b299xmcgicizxpgqcwy.php
https://sexonly.top/get/b861/b861qxpiowknzgzvdge.php
https://sexonly.top/get/b3/b3oftmrmljsirjcbn.php
https://sexonly.top/get/b458/b458dkpvwexdboxavbk.php
https://sexonly.top/get/b820/b820slwbdlxaugptvpb.php
https://sexonly.top/get/b877/b877cjiihbcvxyvsxnv.php
https://sexonly.top/get/b700/b700rqlwexgiugnvqqw.php
https://sexonly.top/get/b567/b567alajoyxrurrsavj.php
https://sexonly.top/get/b503/b503sjysrbnghzxxylp.php
https://sexonly.top/get/b833/b833dmvaybxqoubohqg.php
https://sexonly.top/get/b389/b389elfefgjvdrjfgpw.php
https://sexonly.top/get/b569/b569luygevkxokhkjii.php
https://sexonly.top/get/b68/b68kggytpkejrkugoi.php
https://sexonly.top/get/b587/b587vxibmedffinnwyi.php
https://sexonly.top/get/b17/b17vemstqshslnuhem.php
https://sexonly.top/get/b176/b176wkeytvmgxtblkin.php

#9 By 4240821 (103.151.103.150) at 10/30/2023 4:41:18 PM
https://www.quora.com/profile/BenBar124/VictoriaJayce-Dirtsa-Zednanreh68-Ruubbb-NinnaKatthe-hentaimeup-AlexMarc-Hellen_Adams1-Badgirlsclubx-Jess
https://www.quora.com/profile/ChaseLouton523/CassieBloom-SweetPeachesRosie-ClaireXX-blondienbeast-xxblackqueen_xo-rubyredlexxi-Phillis-Brandialicexo
https://www.quora.com/profile/LindsayWalker803/beachblondexx-milena_velba-cleonight-Becca_bean-Mimi-Queen-kittymoonlips-Pinkyboop-quieroseractrizporno
https://www.quora.com/profile/BobbieBailey844/littlekitter-sandra-kay-rikki-nyx-Ami_JP-CouplesSexTherapy-01010101011-Foxxxyanais-itsloveexo-layne-youn
https://www.quora.com/profile/HidYeboah271/Rose-pill-Daisy-Shield-sabina-dulce-BossyBea-prettykaty-coralkitten-AnnaMayXox-Bellebarbie-The-Sexy-Geek
https://www.quora.com/profile/WilliamBruno197/kashkittyy-RavenSharne-MissJuicy-whore4cock34-konatsu-hinata-jessicaashleY-AshwiniKhan-serena-vixen-Nani
https://www.quora.com/profile/JamesCalderon587/Arya-Grander-Cyrus-Blow-Chuppapies-Ruby_racks-SirSlutand420-Yoona-Lee-Vanillybeann-Harmony_Foxxyn_n-Vilm
https://www.quora.com/profile/AndreaHansen543/m00nspider-MaddyFetish69-SavoryDee-ElectraScorpio-Sophie_Lake-CeeCeeKinkyCpl-Anima-blue-mackAndjen2017-C
https://www.quora.com/profile/TravisZeeb665/nikki-jayne-RemmiRen-Daddys_girl64-Bondageangel-Cokelips-ruuvsred-little_ant2-mzsucktion-trixieaddams
https://www.quora.com/profile/VirginiaYang660/Cherry-Rose-Sexysunflowerbabe-JayNLex365-Cora-Amore-Gwendalynnn-And-Stryker-LittleLeah00-selene_marie-Noel

#10 By 4240821 (103.152.17.80) at 10/31/2023 3:36:02 AM
https://app.socie.com.br/townslutNyxieNova
https://app.socie.com.br/JemstoneMamikomori099
https://app.socie.com.br/KinkyBbwCurves77Jodieluvbug
https://app.socie.com.br/MsCalicoCelestexBouvier
https://app.socie.com.br/xxJBabyHandjobsBlowjobs
https://app.socie.com.br/read-blog/97418
https://app.socie.com.br/read-blog/97541
https://app.socie.com.br/AshliBelleLeahxo33
https://app.socie.com.br/read-blog/97530
https://app.socie.com.br/mikutakeicatelinnaa

#11 By 4240821 (103.151.103.150) at 10/31/2023 5:55:21 PM
https://app.socie.com.br/read-blog/98161
https://app.socie.com.br/emilymontanalilprincessbea
https://app.socie.com.br/TahDahsowan1
https://app.socie.com.br/read-blog/97567
https://app.socie.com.br/read-blog/97530
https://app.socie.com.br/read-blog/97582
https://app.socie.com.br/dianagoleyrockharddaddy
https://app.socie.com.br/read-blog/97242
https://app.socie.com.br/read-blog/97579
https://app.socie.com.br/read-blog/97936

#12 By 4240821 (62.76.146.75) at 11/1/2023 2:22:36 PM
http://activewin.com/mac/comments.asp?ThreadIndex=78043&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=21078&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=16522&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=21488&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=24549&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=37750&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=13096&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=25391&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=12156&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=53898&Group=Last

#13 By 4240821 (212.193.138.10) at 11/2/2023 10:20:45 PM
http://activewin.com/mac/comments.asp?ThreadIndex=84478&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=39513&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=6054&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=12711&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=43610&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=13082&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=41125&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=73392&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=21269&Group=Last
http://activewin.com/mac/comments.asp?ThreadIndex=30634&Group=Last

#14 By 4240821 (109.94.216.41) at 11/4/2023 9:22:17 PM
https://hotslutss.bdsmlr.com/post/661008889
https://hotslutss.bdsmlr.com/post/651247570
https://hotslutss.bdsmlr.com/post/654495660
https://hotslutss.bdsmlr.com/post/650241863
https://hotslutss.bdsmlr.com/post/659270281
https://hotslutss.bdsmlr.com/post/652333194
https://hotslutss.bdsmlr.com/post/651358674
https://hotslutss.bdsmlr.com/post/650892112
https://hotslutss.bdsmlr.com/post/650971064
https://hotslutss.bdsmlr.com/post/654770585

#15 By 4240821 (92.119.163.194) at 11/6/2023 5:10:42 AM
https://printable-calendar.mn.co/members/19892716
https://printable-calendar.mn.co/members/19919719
https://printable-calendar.mn.co/members/19907977
https://printable-calendar.mn.co/members/19914073
https://printable-calendar.mn.co/members/19916799
https://printable-calendar.mn.co/members/19902250
https://printable-calendar.mn.co/members/19917267
https://printable-calendar.mn.co/members/19920223
https://printable-calendar.mn.co/members/19901027
https://printable-calendar.mn.co/members/19910861

#16 By 4240821 (62.76.146.75) at 11/8/2023 10:54:56 AM
https://www.hackerearth.com/@usinedun1980
https://www.hackerearth.com/@atclevsuwoodg1979
https://www.hackerearth.com/@lapptarcari1981
https://www.hackerearth.com/@liecasrefort1989
https://www.hackerearth.com/@tigcaureper1982
https://www.hackerearth.com/@swizorpaylu1978
https://www.hackerearth.com/@mernutrstevgi1980
https://www.hackerearth.com/@ciapretiptron1984
https://www.hackerearth.com/@vlamacjoma1989
https://www.hackerearth.com/@roovidestfi1983

#17 By 4240821 (45.146.26.215) at 11/10/2023 9:35:02 PM
http://www.ttbizonline.com/pro/20231110045840
http://www.ttbizonline.com/pro/20231109080457
http://www.ttbizonline.com/pro/20231109064746
http://www.ttbizonline.com/pro/20231110013305
http://www.ttbizonline.com/pro/20231109224446
http://www.ttbizonline.com/pro/20231110030551
http://www.ttbizonline.com/pro/20231109190944
http://www.ttbizonline.com/pro/20231109163846
http://www.ttbizonline.com/pro/20231110025216
http://www.ttbizonline.com/pro/20231109130731

#18 By 4240821 (109.94.216.41) at 11/11/2023 3:42:19 PM
https://www.mddir.com/company/latina_tits-patreon-leak/
https://www.mddir.com/company/scretlywild17-fansly-leak/
https://www.mddir.com/company/bianca_ok-clips4sale-leaked/
https://www.mddir.com/company/acndbae-clips4sale-leaked/
https://www.mddir.com/company/stunning_summer-patreon-leak/
https://www.mddir.com/company/rainydaze-patreon-leaked/
https://www.mddir.com/company/latina_tits-patreon-leak/
https://www.mddir.com/company/marillin-sweet-manyvids-leak/
https://www.mddir.com/company/akari1089-clips4sale-leak/
https://www.mddir.com/company/laila-banx-onlyfans-leaked/

#19 By 4240821 (194.190.178.141) at 11/12/2023 10:17:30 PM
https://instem.res.in/comment/reply/2557/720239
https://instem.res.in/comment/reply/2571/720478
https://instem.res.in/comment/reply/2557/720344
https://instem.res.in/comment/reply/2557/720247
https://instem.res.in/comment/reply/3628/720411
https://instem.res.in/comment/reply/2557/720289
https://instem.res.in/comment/reply/2557/720286
https://instem.res.in/comment/reply/2557/720216
https://instem.res.in/comment/reply/2557/720216
https://instem.res.in/comment/reply/2557/720351

#20 By 4240821 (45.146.26.215) at 11/13/2023 1:28:27 PM
https://sexonly.top/get/b432/b432xfoeapprmcxsasl.php
https://sexonly.top/get/b346/b346hyanlwdhmuccmom.php
https://sexonly.top/get/b906/b906wesrfmratqhlwwz.php
http://activewin.com/mac/comments.asp?ThreadIndex=9322
https://sexonly.top/get/b404/b404bnseiulspklwowr.php
https://sexonly.top/get/b372/b372ixuldljqwhrlqso.php
https://sexonly.top/get/b803/b803rtnnzflclvfjyhb.php
https://sexonly.top/get/b649/b649dretmogmlgncfuj.php
https://sexonly.top/get/b466/b466wnzdlrwvhjxvlgp.php
https://sexonly.top/get/b324/b324cdmffijgdmdumrt.php

#21 By 4240821 (62.76.153.10) at 11/14/2023 9:35:51 PM
https://sexonly.top/get/b279/b279ehfbnrylzirtday.php
http://activewin.com/mac/comments.asp?ThreadIndex=20701
https://sexonly.top/get/b502/b502nznjcpuemvklzzt.php
https://sexonly.top/get/b929/b929edshnrqjpupubii.php
https://sexonly.top/get/b124/b124ugyeacydiseudsw.php
https://sexonly.top/get/b555/b555mrxivlhxlofvtni.php
https://sexonly.top/get/b943/b943cmlitrmyatpecgv.php
https://sexonly.top/get/b185/b185pojxrggzhowkqnm.php
https://hotslutss.bdsmlr.com/post/653868303
https://sexonly.top/get/b455/b455alvzsvwkkxprclv.php

#22 By 4240821 (2.57.151.31) at 11/15/2023 11:21:34 PM
https://sexonly.top/get/b650/b650irumyxfyoopbtwr.php
https://sexonly.top/get/b851/b851hgwuboptinuysue.php
https://sexonly.top/get/b328/b328wbewbqnkeamccpu.php
https://zmut.com/pin/213124562202048440
https://sexonly.top/get/b452/b452bhfkqjvxzcesncl.php
https://sexonly.top/get/b364/b364frrcjkpttcboqtg.php
https://sexonly.top/get/b722/b722upezjophwzsdemc.php
https://sexonly.top/get/b394/b394cbskjudhlmhadra.php
https://sexonly.top/get/b903/b903jgfebowiawuckiw.php
https://telegra.ph/Michelle-Thomas---Omaha--Nebraska--USA-12-10

#23 By 4240821 (103.151.103.150) at 11/16/2023 8:59:41 PM
https://sexonly.top/get/b407/b407gpszpgdeotwrtpx.php
https://sexonly.top/get/b427/b427ddirymsxqhaeyiz.php
https://sexonly.top/get/b696/b696ycytihlmluptxir.php
http://activewin.com/mac/comments.asp?ThreadIndex=5638
https://sexonly.top/get/b557/b557udnpsutkfirvbxg.php
https://sexonly.top/get/b507/b507jnktgujoskvhzcu.php
https://sexonly.top/get/b249/b249bzxglcrkgrgeoqk.php
https://sexonly.top/get/b592/b592hravtdvancikfwn.php
https://sexonly.top/get/b432/b432usscgwgzdaeaitu.php
https://sexonly.top/get/b428/b428kzsjdovajzkifmb.php

#24 By 4240821 (62.76.146.75) at 11/18/2023 6:50:07 AM
https://sexonly.top/get/b781/b781rviveuxjhgmpdpz.php
https://sexonly.top/get/b770/b770alvocsfdjxzzycv.php
https://sexonly.top/get/b206/b206nimmfjigyieewpt.php
http://activewin.com/mac/comments.asp?ThreadIndex=38880
https://sexonly.top/get/b833/b833ntzomblxyhlqueo.php
https://sexonly.top/get/b501/b501hersioultehxisq.php
https://zmut.com/pin/213124562202048551
https://zmut.com/pin/213124562202041779
https://sexonly.top/get/b935/b935smkedvvcmkyqpft.php
https://sexonly.top/get/b429/b429sxpizazmbpaoscd.php

#25 By 4240821 (212.193.138.10) at 11/19/2023 7:21:07 AM
https://telegra.ph/HellyValentine-Fisting-Fansly-Leak-11-08
http://activewin.com/mac/comments.asp?ThreadIndex=56061
https://telegra.ph/Violetsfeet-OnlyFans-Leaked-08-03
https://zmut.com/pin/213124562202033038
https://telegra.ph/DaintyWilder-Face-Farting-ManyVids-Leak-01-04
https://telegra.ph/xchristiedollx-OnlyFans-Leaked-07-15
https://sexonly.top/get/b566/b566fjoqbxtmuayhhgk.php
https://sexonly.top/get/b461/b461ixvyrhdotbamxok.php
https://sexonly.top/get/b176/b176tmerwbspcamkqyw.php
https://sexonly.top/get/b510/b510unznfiwgjondwnx.php

Write Comment
Return to News
  Displaying 1 through 25 of 315
Last | Next
  The time now is 10:16:13 AM ET.
Any comment problems? E-mail us
User name and password:

 

  *  
  *   *