Thursday, August 7, 2008

DNS cache poisoning, first attacks

| Armando Romeo |

From this (funny) video, I have found on Kaminsky blog (the guy who gave new life to the old DNS cache poisoning issue) seems that large part of the major ISP's DNS servers have been patched.

After Kaminsky's publication of the vulnerability exploit code gone wild and ported to HD Moore's Metasploit framework just few days late.

Not even 2 weeks after the breakthrough, HD Moore's company web site has been hijacked by spammers poisonoing At&T DNS Server serving his company's website. Hilarious, but sh*t happens. Above all when it's not up to you or under your control.

Yesterday, Black Hat day 1, Kaminsky gave more details on the patching status of the main ISP's and all the unpublished details about the attack.
It's only a matter of patching now, since everything is public.

Free Security Magazines