| What is RSS feed? | About Us |
 |
 Search Score: 5/10
Source: slashdot.org --- 4 days ago
An anonymous reader writes "Reverse engineering expert Halver Flake has recently mused on Dan Kaminsky's DNS vulnerability. Apparently his musings were close enough to the mark to cause one of the Matasano team, who apparently already knew of the attack, to publish the details on the Matasano blog in a post entitled 'Reliable DNS Forgery in 2008.' The blog post has since been pulled, but evidence of it exists on Google and elsewhere. It appears only a matter of time now before the full details leak." Reader Time out contributes a link to coverage on ZDNet as well. Read more of this story at Slashdot. ... Source: news.softpedia.com --- 3 days ago
Recently, the DNS flaw discovered by Dan Kaminsky made all the headlines, first of all because of its gravity, and secondly because the Director of Penetration Testing for IOActive would not release specific, technical details about the flaw. Kaminsky stated on numerous occasions that he would disclose all the information on the 6th of August, at the BlackHat Security Conference in Las Vegas. But it seems that Thomas Dullien, CEO and head of research with Sabre Security has figured it all out, e... ... Source: www.pcmag.com --- 3 days ago
One of the many things that researchers agreed on in the major coordinated fix of a flaw in the DNS earlier this month was to withhold details on the vulnerability itself in order to give users enough time to apply updates. Too bad, another researcher spilled the beans. ... Source: www.dslreports.com --- 4 days ago
I think I left off that I am using HN7000S. Ever since I have been on HughesNet I get DNS on a page I leave running. I have to refresh it a couple of times before it comes up. After a few times of automatic refresh, I get DNS again and have to redo it. This happens all day and I lose near real time information. It only happens on this website but acceleration is slow on most web pages. I thought I would change proxy servers following instructions on this forum but when I get to "Auto Select TurboPage Server" it asks for IP address and port number then the "Teardown TurboPage Connection" button. I am nervous about screwing up the modem if I teardown with out the info. Should I put in the info, what is that info, and will I screw it up and cause me big headaches? Thanks ... Source: www.dslreports.com --- 5 days ago
So I went to a site today (www.link2voip.ca) which I always do, only the site is actually .com. For the first time, I recieved a Rogers Yahoo search for link2voip. Found this kind of weird, as its never happened before, so I figure its new! JR ... Source: www.theinquirer.net --- 3 days ago
Egan Orion the Inquirer , Tuesday 22 July 2008. 12:05:00 Speculation confirmed TECHNICAL DETAILS about a flaw in the Internet's Domain Name System (DNS) that still exists on some networks were injudiciously confirmed in a security firm's blog on Monday. Security researcher Dan Kaminsky had discovered the DNS vulnerability several months ago and worked with major software vendors to devise and disseminate... ... Source: www.eweek.com --- 3 days ago
Technical details of a flaw in the Domain Name System that made headlines earlier this month were accidentally posted to a well-read security blog Monday. - Details of the Domain Name System (DNS) flaw uncovered by security researcher Dan Kaminsky have found their way into the public arena. Kaminsky, who is the director of penetration testing for the security firm IOActive, had planned on keeping the specifics of his discovery close to his vest until t... ... Source: www.dslreports.com --- 3 days ago
I went back to using Treewalk http://ntcanuck.com/ after using OpenDNS http://www.opendns.com/ for awhile. When I was using Open DNS, I would be getting these short sporadic outages in my IM programs, e-mail, and web browsing. After I re-installed Treewalk, the latter problems disappeared. I'm curious if anyone else has noticed the same thing. ... Source: www.zdnet.co.uk --- 3 days ago
A security researcher has come up with an attack method he believes could be used to exploit the recently patched DNS vulnerability ...
Source: www.geoexpat.com --- 5 days ago
Hi all - we're new to HK and are trying to use bittorrent - the wife needs to get her "So you think you can dance" fix. The problem we are running into is that some sites are blocked by "Scrubit", and internet filtering service that operates as a substitute DNS server. We are using netvigator and a wireless router. I tried manually setting DNS servers through the router config and on the local computer settings - but neither of these did the trick, and to be honest, I don't fully understand this anyway. Any more tech-savvy folks out there that can help us out? ... Source: www.derkeiler.com --- 5 days ago
Summary: Cache Poisoning attack? ... is there any PoC to simulate the attack and test the ... effectiveness of signature? ... ... Source: blog.icann.org --- 3 days ago
It is sometimes said that ISPs do not offer IPv6 transport and equipment vendors offer just partial IPv6 support because there is no customer demand. The counter argument is often made that consumers can only buy what is on offer so people prefer to buy production quality services and equipment. Unfortunately, even when production quality IPv6 [...] ... Source: www.crn.com --- 3 days ago
Plans to keep details of the DNS flaw under wraps sparked controversy within the security research community, whose members said that the public would not benefit from being kept in the dark. ... Source: www.techworld.com --- 3 days ago
Oops...I dropped the ball. A computer security company inadvertently published details of a major DNS flaw several weeks before they were due to be disclosed. ... Source: www.iss.net --- 5 days ago
Multiple vendor DNS protocol implementations could allow a remote attacker to poison the DNS cache. Patches that resolve the vulnerability on the DNS may be rendered ineffective if the DNS is behind a NAT device that does not randomize ports. ... Source: www.tech-archive.net --- 4 days ago
Summary: and my mail servers keep getting the "Delete this record when it becomes ... stale" box checked. ... I uncheck it, and look at it later and it is checked ... Dynamic updates is set to Non-secure and Secure. ... ...
Source: seclists.org --- 4 days ago
Posted by Mario A. Spinthiras on Jul 18 >From the dsniff package use dnsspoof. A combination of MITM and dnsspoof will give you the required PoC result. ... Source: www.tech-archive.net --- 5 days ago
Summary: We have a SBS server that is sending out email using the DNS routing the ISP ... says they are no longer supporting smart Hosts. ... Should there be some kind of outgoing authentication ... ... Find more results for DNS on RSSMicro.com |
Copyright © 2008 RSSMicro.com
Shaun Nichols in San Francisco, vnunet.com , Tuesday 22 July 2008 at 21:41:00 Experts sound alarms over early disclosure A high-profile security flaw scheduled for disclosure next month has been released early, much to the chagrin of security experts.... ...
When software vendors banded together to fix a major security flaw in the way the internet operates, they agreed to keep the details quiet to avoid giving more ammunition to hackers. Those details have now briefly leaked out – and briefly is all it takes online. The flaw is in the DNS protocol, the very basis of the system that translates domain names (such as website addresses) into the physical location where pages are stored. In short, it’s the phonebook of the internet. Whenever you visit a website, your internet provider stores some of the information to make things quicker for the next user who [...] ...