Physicist hacks DNS patch

By Aharon Etengoff on Aug 11, 2008 7:15 AM
Filed under Security
 

A Russian physicist has successfully hacked an emergency patch designed to fix a recently discovered DNS vulnerability.

A Russian physicist has successfully hacked an emergency patch designed to fix a recently discovered DNS vulnerability.

Evgeniy Polyakov reportedly used two desktop computers and a high-speed network link to fool the patch into returning a spoofed address in just 10 hours.

According to Polyakov, a typical attack server generates approximately 40,000-50,000 fake replies before hitting on the right one. Polyakov also noted that if the port is matched "the probability of successful poisoning is more than 60 per cent".

Alarmed insecurity experts warned the patch could be exploited to redirect Internet traffic and collect user passwords.

The hacker appears to state on a Russian Blog, "DJBDNS does not suffer from this attack. It does. Everyone does. With some tweaks it can take longer than BIND, but overall problem is there."

theinquirer.net (c) 2010 Incisive Media


Physicist hacks DNS patch
Tags
physicist, hacks, dns, patch
Related Articles
Breaking Stories
 
 
 
 
 
Top Stories
The New Zealand telco problem
The New Zealand telco problem
Opinion: Could Telstra save Kiwi telcos?
 
IT price probe to 'name and shame' gougers
IT price probe to 'name and shame' gougers
Industry ducking the issue, committee claims.
 
Revealed: 2012 e-government award winners
Revealed: 2012 e-government award winners
Government highlights projects, professionals of the year.
 
Sign up to receive iTnews email bulletins
   FOLLOW US...

Latest VideosSee all videos »

Latest Comments
Powered by Disqus
Polls
Should the Government enact new legislation to protect copyright holders in the digital age?
   |   View results
Yes
  19%
 
No
  81%
TOTAL VOTES: 470

Vote
view previous polls »