DNS attacks

Kevin Darcy kcd at chrysler.com
Fri Jul 25 23:46:55 UTC 2008


I don't know that it would be appropriate for me to say any more than 
that, since the details of the exploit have not yet been "officially" 
disclosed.

                                                                   - Kevin


Michael Varre wrote:
> Sorry I meant to reply to all. What is the attack profile for this?
>
>
>
> On 7/25/08, Kevin Darcy <kcd at chrysler.com> wrote:
>   
>> Wolfgang S. Rupprecht wrote:
>>     
>>> James Kosin posted a message on the fedora mailing list that he is
>>> actually seeing DNS attack messages in his log files.  The message is
>>> archived here:
>>>
>>>  http://permalink.gmane.org/gmane.linux.redhat.fedora.general/306278
>>>
>>> Hopefully reports like this will get the folks to upgrade.
>>>
>>>       
>> It's definitely a probe of some kind, but AFAICT a bunch of repeated
>> queries for a *small* number of names, isn't the attack profile
>> associated with the Kaminsky exploit.
>>
>> People should upgrade, of course. Even if the attacks aren't here yet,
>> it's only a matter of time...
>>
>> - Kevin
>>
>>
>>
>>     
>
>   



More information about the bind-users mailing list