Newsletter:

Skip Navigation LinksHome > News > Security > First DNS attacks reported

Site Map |

First DNS attacks reported

By Shaun Nichols
26 July 2008 01:18PM
Tags: first | dns | attacks | reported

The first attacks to on the Kaminsky DNS vulnerability have been reported.

The attack was reported by a user named James Kosin to a Fedora Linux mailing list.

Kosin posted a log which he said was gathered Thursday night. The attacker attempts to access the server's cache for entries to such sites as myspace, ebay and Wachovia.

The attack attempts to target a vulnerability in the Domain Name System in which an attacker could alter the cache on a DNS server to redirect site requests to malicious third-party sites.

"The spooks are out in full on this security vulnerability in force. Patch or upgrade now!" wrote Kosin.

Industry experts, including Kaminsky himself, have issued similar warnings to administrators. Kaminsky intentionally held off on releasing the details of the flaw until vendors could patch it.

Exploit code for the vulnerability was posted earlier this week as a module for the Metasploit framework.

Though experts estimate that most major ISPs and vendors have patched the flaw, poorly-maintained DNS servers could still be open to the attack.

Copyright © 2008 vnunet.com

   


Ads by Google


Thoughts on this article? Add a comment below.
Be the first to comment on this article.

Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 


 
Tripwire - Click here to win an iTouch



Tags

attacks celebrates cent dns estonia first flaw google iphone microsoft mobile online per reported security sun trojan vulnerability warns windows


Product Reviews

Cyber-Ark Software Enterprise Password Vault
Star Rating
The Cyber-Ark Enterprise Password Vault, or EPV, is a high-end password management powerhouse.
Hitachi ID Systems ID-Archive
Star Rating
The Hitachi ID-Archive sets its focus on password randomisation.
Lieberman Software Enterprise Random PM
Star Rating
The Lieberman Software Enterprise Random Pass­word Manager is a full-on password manager and randomiser for...
Proginet Corporation SecurForce
Star Rating
Proginet SecurForce is a little bit of a horse of a different color for this month's Group Test.
Siber Systems RoboForm Enterprise
Star Rating
On the surface, RoboForm Enterprise starts out looking like a single sign-on product, but that is just on the...
Unified Communications Podcast Centre

TopTopics
(6924) -  microsoft
(6474) -  iinet
(6465) -  copyright
(6465) -  afact
(6350) -  internet
(5920) -  servers
(5920) -  mipi
(4084) -  phone
(4081) -  telstra
(3653) -  nvidia
(3334) -  broadband
(3278) -  nbn
(2430) -  avg
(1970) -  onecare
(1886) -  google