Posted on 07/24/2008 4:05:59 PM PDT by HAL9000
Excerpt -
SAN FRANCISCO (AFP)--Internet security researchers warned Thursday that hackers have caught on to a "critical" flaw that lets them control traffic on the Internet.~ snip ~
"We are in a lot of trouble," said IOActive security specialist Dan Kaminsky, who stumbled upon the Domain Name System (DNS) vulnerability about six months ago and reached out to industry giants to collaborate on a solution.
"This attack is very good. This attack is being weaponized out in the field. Everyone needs to patch, please. This is a big deal."
~ snip ~
(Excerpt) Read more at nasdaq.com ...
Perhaps an alternate network is needed.
You don’t have to use your ISP’s nameservers if you don’t want to.
I am using the nameservers provided by Open DNS. I checked them with the DNS checker at doxpara.com, and they seem to be ok.
OpenDNS is here:
ping
This is more hype that threat. Yes, there are some DNS servers that have not yet patched their servers. But this is a shrinking number and those servers can be taken out of operation very quickly, fixed and then restored.
Further, individuals can and often do use other third party DNS servers so should a server be attacked, users can switch to other sources.
bump
This seems to be an entirely different thing. It is a local caching DNS server, but you are still ultimately reliant on the correctness of your ISP’s DNS. All it does is cache the results locally.
With Open DNS, you are using Open DNS’s nameservers, not your ISP’s. You type the IP addresses they give you into your network configuration interface, and then you’re using their servers for all name lookups.
You got it!
Whenever my cache needs to be refreshed, I use these servers to update it. That way I completely bypass the ISP.
Do you recognise the IP's?
208.67.222.222
208.67.220.220
Here's the IP address of another DNS server for you: 4.2.2.1.
The DNS server at 4.2.2.1 is run by Level3, from Broomfield, Colorado. It's not the fastest or fanciest DNS server, but it makes a handy DNS alternative when one just has to type one in from memory. See Alternate DNS Servers or Where is 4.2.2.1 Located? for more information about 4.2.2.1.
Thanks for the ping.........
This can’t be happening. Name servers don’t run Windows and are therefore immune to attacks of this kind.
Right?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.