.................with apologies to Alistair Cook

Wednesday, 23 July 2008

That didn't take long! Attack Code Published For DNS Vulnerability

Patch now people :)

And I see that RoadRunner/BrightHouse haven't yet, so OpenDNS is my friend.

get_Rootin writes 'That didn't take long. ZDNet is reporting that HD Moore has released exploit code here for Dan Kaminsky's DNS cache poisioning vulnerability into the point-and-click Metasploit attack tool. From the article: 'This exploit caches a single malicious host entry into the target nameserver. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache.' (Via Slashdot.)