SkyHorse.Org

Major flaw on the DNS Internet architecture discovered

July 8th, 2008 SkyHorse

Conspiracy fans unite: the worlds major Internet vendors sent their engineers out for secret meetings at the microsoft campus for the past few months to tackle the biggest flaw on the internet’s architecture since it began.

The issue resides on the obiquituous DNS system responsible for directing applications to the right servers when they request a URL. Although there is yet no evidence of this flaw being exploited, it will not take long for black hat hackers to use it to direct you to their own servers when you try to open your online banking or check your emails.

All major vendors will be releasing fixes to their systems at the same time, as to minimise the chances of such rogue practicies happening, something unheard of which clearly shows the gravity of the situation.

More detail at http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/
Dan’s website where you can check for the vulnerability: http://www.doxpara.com

Tags: DNS, hacking, Security

Related posts:

  • Fixing open DNS servers
  • modsec.sh updated
  • Web Host Company hacks into their own client’s accounts

Posted in Computing | No Comments »

Fixing open DNS servers

September 28th, 2006 SkyHorse

Ok, there seems to be a *lot* of posts and threads about this issue and I think a simple page is appropriate.

Lets start with the problem. Check the report for your domain here: http://www.dnsreport.com/tools/dnsreport.ch?domain=YOUR_DOMAIN_HERE.COM

An open DNS server is one that replies to a query about a domain it is not responsible for, to anyone who asks for it. For starters, that is just a waste of processing time, but it can be worse if it is used for flooding. See, since a DNS query is (much!) smaller in number of bytes than a DNS response, if it is spoofed it can be used to perform a DoS attack on a computer with several times the bandwidth of the perpretator.

I’ve posted a solution to my obscure cPanel guide, have a look if your interested:
Fixing Open DNS servers

Tags: bind, DNS, GNU/Linux, hacking, hosting, Security, WHM

Related posts:

  • Major flaw on the DNS Internet architecture discovered
  • The Definite Guide of Obscure Tweaks to Install and Maintain cPanel / WHM (version 10)
  • modsec.sh updated

Posted in GNU/Linux, WHM, hosting | No Comments »

  • Tags

    AI apple behavioural-targeting business christianity Computing cPanel design DNS Downloads Games GNU/Linux google hacking Hardware headphones hosting Ideas Instant Messaging iphone islam marketing online-advertising online media Personal Philosophy poker Programming satire scripts search Security sociology startups technology Travel ubuntu v-moda Visionarism web-2.0 web-marketing Web Design WHM wunderloop

  • Pages

    • About
    • Web Server Administration
      • Auto update modsecurity rules - modsec.sh
      • DirectAdmin to cPanel : a partial BASH solution
      • The Definite Guide of Obscure Tweaks to Install and Maintain cPanel / WHM (version 10)
        • Configuring E-mail (Exim) related areas
        • Fixing open DNS servers
        • Monitoring your server
        • Scripts and misc information
        • Security by Obscurity
        • Tweaking apache web server

  • Twitter Updates

    • Ads

    • RSS NMA

      • MailOnline sees site traffic grow 18% during October 20 November, 2008
      • WPP's Sorrell looks to emerging countries for growth 20 November, 2008
      • The Guardian pushes Barnardo's via full-page HD video ads 20 November, 2008

    • RSS Brand Republic

      • Five review under way as consultants move in 20 November, 2008
      • VBS launches knife-crime campaign 20 November, 2008
      • Warner Brothers appoints Cochrane as UK group marketing chief 20 November, 2008

    • RSS iMedia Connection: Consumer Strategies

      • 5 brands that gave 'em something to talk about
      • Social networking: Where it's headed
      • 5 ways to bring targeting to another channel

    • RSS Behavioural Targeting news

      • Behavioral Targeting In Context - Mediapost.com 19 November, 2008
      • Behavioral targeting and video search marketing with AlmondNet - ReelSEO Online Video News 18 November, 2008
      • Web Analytics Association Announces Upcoming December Webcast: "5 ... - MarketWatch 19 November, 2008
      • New privacy group to shape policy - BBC News 20 November, 2008
      • Integrating Behavioral Into TV, Web, and Mobile Campaigns - ClickZ News 19 November, 2008

    • RSS Adotas

      • An error has occurred; the feed is probably down. Try again later.

    • RSS MarketingVox

      • Google and the Case of the Exploding Ads
      • Industry Buzz & Snippets: 11/20/08
      • 1/5 of Marketers Send Emails After Users Unsubscribe

    • RSS SimsCity blog

      • Scalability 8 July, 2008
      • A message to Mac users 5 July, 2008
      • Transfering files from computer to iPhone 26 June, 2008

    • RSS Donald Hamilton

      • Online ad spending bucks trends 29 September, 2008
      • Ad:Tech 25 September, 2008
      • Phorm in the clear? 18 September, 2008

    • RSS Don't be Square

      • x 11 September, 2008
      • See no evil with TELEVISION 18 August, 2008
      • Science meets Culture = PHILOTAXIS 14 August, 2008

    • Ads

    • RSS mindcode

      • On Patterns… 20 November, 2008
      • Just a shrimp… 16 November, 2008
      • Another Quote of the Day 15 November, 2008

    • RSS ZDnet Security

      • Sun updates NetBeans with PHP support 20 November, 2008
      • iPhone vs. Android development: Day 1 18 November, 2008
      • Making Man As Super As His Computer 17 November, 2008

    • TechDispenser


    • Blogroll

      • 90kts
      • Acxiom Poker Nights
      • Amy’s blog
      • Bytter’s blog
      • morena flor no samba da saudade
      • Not Quite There Yet
      • Swedish Pirate Party

    • Cartoons

      • Geek & Poke
      • Order of the Stick
      • User Friendly

    • Gaming

      • Neverwinter Nights

    • online media

      • Knowledge for the Digital Economy
      • Mike on Ads

    • Personal

      • Atelier de Camisa
      • Banksy
      • Designarte
      • My Amazon Wishlist
      • SkyServers.Org

    • Science

      • Hermetic Research
      • New Scientist
      • Rex Research
      • ScienceBox
      • Wired

    • Security

      • GPG4Win
      • GPGol
      • GPGShell
      • Mod Security
      • Offline Windows NT(2k,XP) Password Recovery

    • Web Design

      • PageStrength
      • SiteScore
      • UrlTrends

    • Akismet

      33,362 spam comments
      blocked by
      Akismet

    © 2003 - 2008 Paulo Cunha | SkyHorse.Org is proudly powered by WordPress | Theme based on Bob