Posted on 08/11/2008 12:22:34 PM PDT by smokingfrog
Patches meant to fix a flaw in the Internet's Domain Name System (DNS) don't completely protect the Web's traffic cop from attack, a Russian research claimed Friday.
The head of the non-profit that maintains the most commonly used DNS software, however, said there was little to worry about.
In a blog post , Russian researcher Evgeniy Polyakov said he had created an exploit able to insert bogus routing information into systems running the most-up-to-date version of BIND (Berkeley Internet Name Domain), the popular open-source software that runs a majority of the Web's DNS servers.
BIND 9.5.0-P2 was released Aug. 2 as a follow-on to the initial patch issued July 8, the day that researcher Dan Kaminsky announced the DNS flaw and a coordinated patching effort by several vendors, including Internet Systems Consortium Inc. (ISC), which maintains BIND; Microsoft Corp. ; and Cisco Systems Inc.
Both the July 8 and Aug. 2 BIND updates added source port randomization in the name server to reduce the likelihood of "cache poisoning," the term used to describe attacks that attempt to reroute users' requests for legitimate sites to fakes created to dupe them into entering confidential information.
Polyakov claimed that his exploit was able to insert rogue instructions into a DNS server running BIND 9.5.0-P2, although it took a pair of attacking PCs connected to the server via a Gigabit Ethernet (GigE) network connection about 10 hours to pull off the attack.
"Attack took about half of the day, i.e. a bit less than 10 hours," Polyakov said on his blog. "So, if you have a GigE LAN, any Trojaned machine can poison your DNS during one night."
Computerworld was not immediately able to verify Polyakov's claims.
(Excerpt) Read more at infoworld.com ...
Yawn, more BIND vulnerability.
Doesn’t work against DJBDNS, PowerDNS, MaraDNS
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.