SkyHorse.Org

Major flaw on the DNS Internet architecture discovered

July 8th, 2008 SkyHorse

Conspiracy fans unite: the worlds major Internet vendors sent their engineers out for secret meetings at the microsoft campus for the past few months to tackle the biggest flaw on the internet’s architecture since it began.

The issue resides on the obiquituous DNS system responsible for directing applications to the right servers when they request a URL. Although there is yet no evidence of this flaw being exploited, it will not take long for black hat hackers to use it to direct you to their own servers when you try to open your online banking or check your emails.

All major vendors will be releasing fixes to their systems at the same time, as to minimise the chances of such rogue practicies happening, something unheard of which clearly shows the gravity of the situation.

More detail at http://securosis.com/2008/07/08/dan-kaminsky-discovers-fundamental-issue-in-dns-massive-multivendor-patch-released/
Dan’s website where you can check for the vulnerability: http://www.doxpara.com

Tags: DNS, hacking, Security

Related posts:

  • Fixing open DNS servers
  • ModSecurity 2.5 : a book by Magnus Mischel
  • modsec.sh updated

Posted in Computing | No Comments »

Fixing open DNS servers

September 28th, 2006 SkyHorse

Ok, there seems to be a *lot* of posts and threads about this issue and I think a simple page is appropriate.

Lets start with the problem. Check the report for your domain here: http://www.dnsreport.com/tools/dnsreport.ch?domain=YOUR_DOMAIN_HERE.COM

An open DNS server is one that replies to a query about a domain it is not responsible for, to anyone who asks for it. For starters, that is just a waste of processing time, but it can be worse if it is used for flooding. See, since a DNS query is (much!) smaller in number of bytes than a DNS response, if it is spoofed it can be used to perform a DoS attack on a computer with several times the bandwidth of the perpretator.

I’ve posted a solution to my obscure cPanel guide, have a look if your interested:
Fixing Open DNS servers

Tags: bind, DNS, GNU/Linux, hacking, hosting, Security, WHM

Related posts:

  • Major flaw on the DNS Internet architecture discovered
  • The Definite Guide of Obscure Tweaks to Install and Maintain cPanel / WHM (version 10)
  • modsec.sh updated

Posted in GNU/Linux, WHM, hosting | No Comments »

  • Tags

    AI apple behavioural-targeting business Computing cPanel deep packet inspection design Downloads Games GNU/Linux google hacking hacking Hardware headphones hosting Ideas Instant Messaging iphone marketing mod-security online-advertising online media Personal Philosophy phorm poker Programming satire scripts Security sociology startups technology Travel ubuntu v-moda Visionarism web-2.0 web-marketing Web Design WHM wunderloop yahoo

  • Pages

    • About
    • Web Server Administration
      • Auto update modsecurity rules – modsec.sh
      • DirectAdmin to cPanel : a partial BASH solution
      • The Definite Guide of Obscure Tweaks to Install and Maintain cPanel / WHM (version 10)
        • Configuring E-mail (Exim) related areas
        • Fixing open DNS servers
        • Monitoring your server
        • Scripts and misc information
        • Security by Obscurity
        • Tweaking apache web server

  • Twitter Updates

    • Ads

    • RSS NMA

      • nma Social Media Social held this Thursday 16 March, 2010
      • Twitter develops API to give third-party access 16 March, 2010
      • Facebook expands its preferred agencies list in the UK 15 March, 2010

    • RSS Brand Republic

      • BBH wins Yeo Valley's £3m ad account 16 March, 2010
      • Glam Media expands European operation 16 March, 2010
      • Opposition mounts to 'rushed' Digital Economy Bill 16 March, 2010

    • RSS iMedia Connection: Consumer Strategies

      • The 4 Cs of scaling social media
      • The underlying drivers of social media success
      • How to turn user-generated content into profits

    • RSS Behavioural Targeting news

      • Organic Introduces the Keys to Creating a Successful Social CRM Strategy - MarketWatch (press release) 16 March, 2010
      • Ads nauseam: The battle to save UK privacy online - Wired.co.uk 15 March, 2010
      • eXelate and Nielsen Align to Bring Offline Household Level Data Into eXelate's ... - PR Newswire (press release) 15 March, 2010
      • Nielsen Taps eXelate As Behavioral Targeting Ally - paidContent.org 15 March, 2010
      • Limited Data and Privacy Concerns Restrain Behavioral in Europe - ClickZ News 15 March, 2010

    • RSS Adotas

      • DIGITAL MEDIA MBA HAPPY HOUR AT BOWERY WINE COMPANY – 3/22/10 16 March, 2010
      • SAN FRANCISCO BOOTSTRAPPERS BREAKFAST – 3/19/10 16 March, 2010
      • ART, LIVE MUSIC, BUSINESS NETWORKING MIXER – 3/18/10 16 March, 2010

    • RSS MarketingVox

      • Google Says Mobile Ad Rates to Exceed PC-based Search 16 March, 2010
      • Valpak Launches Mobile Coupon Apps 16 March, 2010
      • Marketers Use Web Data in Offer Decisions 16 March, 2010

    • RSS ExchangeWire.com

      • Janneke Niessen: The Current Yield Optimisers Will Evolve Into True SSPs 16 March, 2010
      • How Online Advertising Really Works In Europe; Real-Time Bidding Best Practices Whitepaper 12 March, 2010
      • Paul Turner Talks Buy-Side Platforms, Automated Ad Trading And The Evolution Of European Display 11 March, 2010

    • RSS SimsCity blog

      • Attaching pixels to pages 2 January, 2009
      • Frequency capping 28 December, 2008
      • ITV player 27 December, 2008

    • RSS Donald Hamilton

      • Never a True Word said with an “F” 1 December, 2009
      • Whose audience is it anyway? 19 October, 2009
      • Online ad spending bucks trends 29 September, 2008

    • RSS Segmentacion por comportamiento

      • La “Santa Alianza” contra Google. 18 February, 2010
      • Torsten Ahlers, CEO de wunderloop, en el OMExpo2010 26 January, 2010
      • Lanzamiento de la Alianza de editores en Alemania, con la tecnología de wunderloop como motor. 26 January, 2010

    • RSS Sandlines

      • the iPad and Marketing 28 January, 2010
      • The anticipation of disappointment 7 December, 2009
      • Groundhog Day 27 November, 2009

    • RSS ladig.net

      • DMEXCO Premiere war erfolgreich / Topthema Targeting 6 October, 2009
      • Mit „Behavioral“ den optimalen Werbe-Weg finden 8 May, 2009
      • Mit ToDo und Toodledo das Chaos beherschen 6 May, 2009

    • Ads

    • Blogroll

      • 90kts
      • Acxiom Poker Nights
      • Amy’s blog
      • Bytter’s blog
      • morena flor no samba da saudade
      • Not Quite There Yet
      • Swedish Pirate Party

    • Cartoons

      • Geek & Poke
      • Order of the Stick
      • User Friendly

    • Gaming

      • Neverwinter Nights

    • online media

      • Knowledge for the Digital Economy
      • Mike on Ads

    • Personal

      • Atelier de Camisa
      • Banksy
      • Designarte
      • My Amazon Wishlist
      • SkyServers.Org

    • Science

      • New Scientist
      • Rex Research
      • ScienceBox
      • Wired

    • Security

      • GPG4Win
      • GPGol
      • GPGShell
      • Mod Security
      • Offline Windows NT(2k,XP) Password Recovery

    • Web Design

      • PageStrength
      • SiteScore
      • UrlTrends

    • Akismet

      51,370 spam comments
      blocked by
      Akismet

    • Meta

      • Log in
      • Entries RSS
      • Comments RSS
      • WordPress.org

    © 2003 - 2010 Paulo Cunha | SkyHorse.Org is proudly powered by WordPress | Theme based on Bob