Email Questions  
     

Left Nav Register Home Forum Search Today's Posts Mark Forums Read Right Nav

Left Container Right Container
 

Go Back   Email Questions » General Forums » General
Reload this Page Multiple DNS implementations vulnerable to cache poisoning


General This forum is for both technical and non-technical discussions that do not belong in another EQ forum.

Multiple DNS implementations vulnerable to cache poisoning

General

Reply
 
LinkBack Thread Tools Display Modes
Old Wednesday, August 13th, 2008   #1
Postmaster
 
popowich's Avatar
 
Join Date: Aug 2008
Location: Rochester, NY
Posts: 2,543
Thanks: 234
Thanked 306 Times in 288 Posts
Default Multiple DNS implementations vulnerable to cache poisoning
Hello,

Are you aware of the recent security updates needed for the bind package?
Quote:
The Domain Name System (DNS) is responsible for translating host names to IP addresses (and vice versa) and is critical for the normal operation of internet-connected systems. DNS cache poisoning (sometimes referred to as cache pollution) is an attack technique that allows an attacker to introduce forged DNS information into the cache of a caching nameserver. DNS cache poisoning is not a new concept; in fact, there are published articles that describe a number of inherent deficiencies in the DNS protocol and defects in common DNS implementations that facilitate DNS cache poisoning
Are you DNS resolvers up to date? More information can be found here.

The upgrades themselves are easy enough, but I had some slight trouble with a few servers at work due to the firewall requirements needed for allowing the new ports needed.

-Raymond

popowich is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!twitter
Reply With Quote




Old Thursday, August 14th, 2008   #2
Valued Member
 
Join Date: Aug 2008
Location: Morris Plains, NJ
Posts: 118
Thanks: 10
Thanked 34 Times in 30 Posts
Default
very interesting . . . Yes I was aware of it. Contrary to my and the other engineer's preference we don't run our own DNS here, in fact we manage well over 100 servers (consisting of RH, w2k3, and Solaris) via host files. Its been a thorn in my side since I started here last Feb, and its on my "if we ever get up with projects, stuff I'd like to do list."

That's interesting about the FW, I had no idea any new ports were required . . . I'll have to look into it in greater detail, thanks for the heads up.
yukon is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!twitter
Reply With Quote

Old Thursday, August 14th, 2008   #3
Postmaster
 
popowich's Avatar
 
Join Date: Aug 2008
Location: Rochester, NY
Posts: 2,543
Thanks: 234
Thanked 306 Times in 288 Posts
Default
The firewalling that was in place in many markets could not be configured to correctly allow the more secure random source ports config. I had been using a static source port. Unfortunately the devices providing the firewalling were not firewall devices. Once I got the problem servers upgraded and put up some server side firewalls that could do the firewalling correctly I was all set. For me not all of my servers are physically where I am so it's a little bit of a pain in the butt to do OS upgrades and such.

-Raymond
popowich is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!twitter
Reply With Quote

Old Wednesday, August 20th, 2008   #4
Postmaster
 
popowich's Avatar
 
Join Date: Aug 2008
Location: Rochester, NY
Posts: 2,543
Thanks: 234
Thanked 306 Times in 288 Posts
Default China Netcom DNS cache poisoning
It looks like someone did not do their upgrades yet.

China Netcom DNS cache poisoning

-Raymond
popowich is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!twitter
Reply With Quote

Reply

Tags
cache, dns, implementations, multiple, poisoning, vulnerable

« Please introduce yourself to E-Mail Questions | Home Networks »
Thread Tools
Display Modes
Linear Mode Linear Mode




All times are GMT -4. The time now is 08:54 AM.

Email Questions - Archive - Privacy Statement - Top

Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd. SEO by vBSEO 3.3.2