Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Many ways to attack with DNS

Robert McMillan | Aug. 7, 2008
Dan Kaminsky says that SSL sites are also vulnerable to the DNS flaw he discovered.

Hundreds of millions safer

Although some conference attendees said Wednesday that Kaminsky's talk was overhyped, OpenDNS CEO David Ulevitch said that the IOActive researcher has performed a valuable service to the Internet community. "The entire scope of the attack is even yet to be fully realised," he said. "This affects every single person on the Internet."

There have been some hiccups, however. Two weeks after Kaminsky first discussed the problem, technical details of the bug were accidentally leaked to the Internet by security company Matasano Security. Also, some high-traffic DNS servers stopped working properly after the initial patch was applied, and several firewall products that do Internet Protocol address translation have inadvertently undone some of the DNS changes made to address this problem.

In an interview after his Black Hat presentation, Kaminsky said that despite all the hassles, he'd still do the same thing again. "Hundreds of millions of people are safer," he said. "Things didn't go perfectly, but it went so much better than I had any right to expect."

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.