Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Security Networking The Internet

Massive, Coordinated Patch To the DNS Released 315

Posted by kdawson
from the pretty-much-everybody dept.
tkrabec alerts us to a CERT advisory announcing a massive, multi-vendor DNS patch released today. Early this year, researcher Dan Kaminsky discovered a basic flaw in the DNS that could allow attackers easily to compromise any name server; it also affects clients. Kaminsky has been working in secret with a large group of vendors on a coordinated patch. Eighty-one vendors are listed in the CERT advisory (DOC). Here is the executive overview (PDF) to the CERT advisory — text reproduced at the link above. There's a podcast interview with Dan Kaminsky too. His site has a DNS checker tool on the top page. "The issue is extremely serious, and all name servers should be patched as soon as possible. Updates are also being released for a variety of other platforms since this is a problem with the DNS protocol itself, not a specific implementation. The good news is this is a really strange situation where the fix does not [immediately] reveal the vulnerability and reverse engineering isn't directly possible."
This discussion has been archived. No new comments can be posted.

Massive, Coordinated Patch To the DNS Released

Comments Filter:

To restore a sense of reality, I think Walt Disney should have a Hardluckland. -- Jack Paar

Working...