Wednesday, August 6, 2008

DNS gaping hole

The internet has been with us for how many years .... 20-25yrs and since then we have been living with this big security flaw.

The thing is that this problem has been with us since the onset of internet and is just being discovered last month. It just begs the questions 'How safe are we in this modern era of computers and Internet?'
'Which other flaws are yet to be discovered, or have been discovered but the hackers, phishers and all em bad guys are reaping from it?'

This is a big one.

check these links:

If Thinking makes ur head ache, check this out:

"OpenBSD contains a flaw that may allow a malicious user to poison a recursive DNS cache. The issue is triggered by a weakness in the X3 algorithm used to generate random DNS transaction IDs, which combined with a static source port for all DNS queries can allow an attacker to spoof a DNS response packet. It is possible that the flaw may allow a remote attacker to poison a DNS cache resulting in a loss of integrity."

Lets hope that the clever guys will give us the security patches in time before someone gets hurt if nobodys hurt as of the moment ....

No comments:

Post a Comment