Not sure if my DNS is vulnerable?

Kevin Darcy kcd at chrysler.com
Wed Aug 13 22:17:22 UTC 2008


Lars Hecking wrote:
> Vincent Poy writes:
>   
>> What about this since it seems even the patch is vulnerable to a degree:
>> http://www.theinquirer.net/gb/inquirer/news/2008/08/10/physicist-hacks-dns-patch
>>     
>
>  http://marc.info/?l=bind-users&m=121834710707369&w=2
>   
The Inquirer should be slapped for this. All this "bored" physicist 
accomplished was a brute-force attack over a high-speed connection. He 
didn't expose any *new* vulnerability whatsoever. Yet, the Inq reports 
it as "Alarmed insecurity experts warned the patch could be exploited to 
redirect Internet traffic ...". No quotes, no attributions. Very 
irresponsible.

(What's an "insecurity expert" anyway? An expert in feelings of inadequacy?)

                                                                         
                        - Kevin



More information about the bind-users mailing list