Thursday, August 14, 2008

DNS still exploitable

Well for those of you who don't know it is still possible to poison the latest BIND patch with fully randomized ports. All that's required according to A Russian physicist, is a fast enough line, 2 computers and 10 hours of your time. He said "Attack took about half of the day, i.e. a bit less than 10 hours. So, if you have a GigE lan, any trojaned machine can poison your DNS during one night...". He released a post on his blog showing how he did it. The exploit is now also available from his blog and other websites distributing exploits: http://tservice.net.ru/~s0mbre/archive/dns/

When commenting on a New York Times article that discusses his findings, he said "Article says, that DJBDNS does not suffer from this attack. It does. Everyone does. With some tweaks it can take longer than BIND, but overall problem is there."

In other news Telspace systems will be presenting and providing wireless and Bluetooth training this year at the exceptional and must attend event Sector in Toronto, Canada.

No comments: