Not sure if my DNS is vulnerable?
Kevin Darcy
kcd at chrysler.com
Wed Aug 13 22:17:22 UTC 2008
Lars Hecking wrote:
> Vincent Poy writes:
>
>> What about this since it seems even the patch is vulnerable to a degree:
>> http://www.theinquirer.net/gb/inquirer/news/2008/08/10/physicist-hacks-dns-patch
>>
>
> http://marc.info/?l=bind-users&m=121834710707369&w=2
>
The Inquirer should be slapped for this. All this "bored" physicist
accomplished was a brute-force attack over a high-speed connection. He
didn't expose any *new* vulnerability whatsoever. Yet, the Inq reports
it as "Alarmed insecurity experts warned the patch could be exploited to
redirect Internet traffic ...". No quotes, no attributions. Very
irresponsible.
(What's an "insecurity expert" anyway? An expert in feelings of inadequacy?)
- Kevin
More information about the bind-users
mailing list