[plug] Hackers get hold of critical web flaw | Australian IT
Simon Newton
lists at nomis52.net
Mon Jul 28 12:56:01 WST 2008
On Sun, Jul 27, 2008 at 6:16 PM, Mike Holland <michael.holland at gmail.com> wrote:
> Simon Newton wrote:
>
>> Just to be clear here: If you run a recursive resolver you need to patch
>> NOW
>
> What!? You mean like the one in the home or office modem/router?
>
> OK, ... my bind is updated, but doxpara.com still says I'm vulnerable.
> Ah - remove forwarders to my ISP . Nows its OK.
>
> So I wasn't really recursive, and I suppose that's how most modem/routers
> work?
Correct. If you're forwarding you're at the mercy of your ISP :)
>
> There is no detail at the linked article, but http://www.doxpara.com/
> has an explanation now.
> I had no idea that DNS authentication was so weak.
> If http/ftp/telnet/etc can be replaced by protocols with proper crypto,
> why not DNS?
It's called DNSSEC but like IPv6 there is little motivation to roll it
out until something actually breaks.
What is more achievable in two weeks: upgrading the world to DNSSEC or
patching DNS servers globally ? :)
Simon N
> Which Australian ISPs are still vulnerable?
> I can start the list with hutchison ('3').
>
> _______________________________________________
> PLUG discussion list: plug at plug.org.au
> http://www.plug.org.au/mailman/listinfo/plug
> Committee e-mail: committee at plug.linux.org.au
>
More information about the plug
mailing list