DNS flaw: attack code published
Results 1 to 10 of 10

Thread: DNS flaw: attack code published

  1. #1
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424

    DNS flaw: attack code published

    Sure didn't take long

    http://blogs.zdnet.com/security/?p=1545&tag=nl.e539
    Exploit code for the flaw, which allows the insertion of malicious DNS records into the cache of the target nameserver, has been added to Metasploit, a freely distributed attack/pen-testing tool.
    Attack code available here: http://www.caughq.org/exploits/CAU-EX-2008-0002.txt

  2. #2
    Junior Member
    Join Date
    Jul 2008
    Posts
    15
    Well, it was just a matter of time he he although the question could be if that attack code could be available as it's now if the details of the DNS flaw weren't leaked
    Simplicity is power!

  3. #3
    Senior Member C:\Saw's Avatar
    Join Date
    Jan 2008
    Posts
    125
    OpenDNS--try it

    it is free and much faster than your ISP's DNS servers

    http://www.opendns.com/

    (it does NOT suffer from this new DNS poisoning vulnerability)...for now

    edit: there is no available linux client updater unfortunately
    Last edited by C:\Saw; July 25th, 2008 at 02:50 AM.
    "...to give correctly is to give them what they need from us, for it would not be skillful to bring gifts to anyone that are in no way needed."
    --Socrates

    *Einstein Would Be Proud*

  4. #4
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    I changed to OpenDNS a while ago after finding out that RoadRunner (TWC) still hasn't patched... I just checked, and they're still vulnerable (TWC, that is)...

  5. #5
    Junior Member
    Join Date
    Jul 2008
    Posts
    15
    Quote Originally Posted by C:\Saw
    edit: there is no available linux client updater unfortunately
    Actually, there is, you can use inadyn, check here:
    http://forums.opendns.com/comments.php?DiscussionID=157

    and here:
    http://fwennberg.blogspot.com/2007/0...ned-linux.html
    Simplicity is power!

  6. #6
    Senior Member
    Join Date
    Feb 2002
    Posts
    500
    There an easy way to tell if my ISP (comcast) is vuln or not?
    Or should I just install openDNS to be on the safe side (used to have it, worked great)
    Ron Paul: Hope for America
    http://www.ronpaul2008.com/

  7. #7
    Banned
    Join Date
    Aug 2001
    Location
    Yes
    Posts
    4,424
    There an easy way to tell if my ISP (comcast) is vuln or not?
    Check http://www.doxpara.com/

  8. #8
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    Otherwise try this:

    https://www.dns-oarc.net/oarc/services/dnsentropy

    From what I can gather Comcast is supposed to be OK now.

    I have also heard that these tests can produce false negatives due to interactions between the test and other security measures in place on the servers?


  9. #9
    Member
    Join Date
    May 2002
    Posts
    93
    "It's funny," he said.(HD Moore of metasploit fame) "I got owned."
    At least he has a sense of humor. His company, BreakPoint, uses AT&T which got owned presumably via his metasploit program.

    http://www.networkworld.com/news/200...-a-victim.html
    Tachyon

    |-----|Alcohol is my anti-drug |-----|

  10. #10
    Priapistic Monk KorpDeath's Avatar
    Join Date
    Dec 2001
    Posts
    2,628
    It's a far more serious problem than he is letting on here:
    http://www.thetechherald.com/article...-was-NOT-Pwned

    I have several customers that are having serious mail problems because ATT is, I believe, being attacked. A tech at ATT said he can have me change my customers DNS info but that'll only last so long as the extra load on those servers will cause a DOS also. So...

    Hmmm.

    Gotta love service providers.
    Mankind have a great aversion to intellectual labor; but even supposing knowledge to be easily attainable, more people would be content to be ignorant than would take even a little trouble to acquire it.
    - Samuel Johnson

Similar Threads

  1. Code Flaws Open Linux Apps to Attack
    By SDK in forum *nix Security Discussions
    Replies: 0
    Last Post: September 18th, 2004, 05:56 PM
  2. Attack Code Targets Windows
    By moxnix in forum Microsoft Security Discussions
    Replies: 1
    Last Post: April 26th, 2004, 11:25 PM
  3. A look into IDS/Snort part 1 of 3
    By qod in forum The Security Tutorials Forum
    Replies: 18
    Last Post: January 5th, 2004, 02:30 PM
  4. Newbies, list of many words definitions.
    By -DaRK-RaiDeR- in forum Newbie Security Questions
    Replies: 9
    Last Post: December 14th, 2002, 08:38 PM
  5. Replies: 1
    Last Post: July 15th, 2002, 04:46 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •