Engineers Warn Of Attacks On Internet Vulnerability

Agence France-Presse (excerpt) ^ | July 24, 2008

[HAL9000]

Excerpt -

SAN FRANCISCO (AFP)--Internet security researchers warned Thursday that hackers have caught on to a "critical" flaw that lets them control traffic on the Internet.

~ snip ~

"We are in a lot of trouble," said IOActive security specialist Dan Kaminsky, who stumbled upon the Domain Name System (DNS) vulnerability about six months ago and reached out to industry giants to collaborate on a solution.

"This attack is very good. This attack is being weaponized out in the field. Everyone needs to patch, please. This is a big deal."

~ snip ~

[Brian S. Fitzgerald]

Perhaps an alternate network is needed.

[proxy_user]

You don’t have to use your ISP’s nameservers if you don’t want to.

I am using the nameservers provided by Open DNS. I checked them with the DNS checker at doxpara.com, and they seem to be ok.

OpenDNS is here:

http://www.opendns.com/

[Calpernia]

ping

[taxcontrol]

This is more hype that threat. Yes, there are some DNS servers that have not yet patched their servers. But this is a shrinking number and those servers can be taken out of operation very quickly, fixed and then restored.

Further, individuals can and often do use other third party DNS servers so should a server be attacked, users can switch to other sources.

[An Old Man]

Here's another one which has worked fine for me during the last 5 years. Treewalk Homepage

[Mediocrates]

bump

[proxy_user]

This seems to be an entirely different thing. It is a local caching DNS server, but you are still ultimately reliant on the correctness of your ISP’s DNS. All it does is cache the results locally.

With Open DNS, you are using Open DNS’s nameservers, not your ISP’s. You type the IP addresses they give you into your network configuration interface, and then you’re using their servers for all name lookups.

[An Old Man]

"All it does is cache the results locally."

You got it!
Whenever my cache needs to be refreshed, I use these servers to update it. That way I completely bypass the ISP.

Do you recognise the IP's?
208.67.222.222
208.67.220.220

[ThePythonicCow]

Do you recognise the IP's?

Yes - I recognized them immediately - OpenDNS.

Here's the IP address of another DNS server for you: 4.2.2.1.

The DNS server at 4.2.2.1 is run by Level3, from Broomfield, Colorado. It's not the fastest or fanciest DNS server, but it makes a handy DNS alternative when one just has to type one in from memory. See Alternate DNS Servers or Where is 4.2.2.1 Located? for more information about 4.2.2.1.

[nw_arizona_granny]

Thanks for the ping.........

[js1138]

This can’t be happening. Name servers don’t run Windows and are therefore immune to attacks of this kind.

Right?