The DNS Issue…
Thursday, August 7th, 2008As many of you know, it was recently discovered that the DNS protocol has a serious flaw. I don’t have a lot to add to the conversations of some serious experts, but I wanted to post a link to some of the tools that I have found that will help you know if you are at risk.
Dan Kaminsky, a security researcher, recently discovered the flaw. While I am never one to preach “doom and gloom”, this is a really serious bug that WILL gain traction among the hackers. There is already proof of concept code available that shows how to attack this flaw, so don’t hesitate to fix it. DoxPara Research is where you will find the best information about the flaw. Also at Dan’s website (DoxPara), is a tool that will test your DNS server to see if it is vulnerable. YOU SHOULD TEST THIS NOW! Don’t hesitate and do it later. NOW! (Please)
Also, ICANN has released a tool that will test the DNS server that is providing DNS services for your domain. More information on the exploit and it’s implications can be found on ICANN’s website. Their tool is here. Again, this is very important to the security of not only YOUR website, but, also, to the security of anyone who visits your website. DON’T DELAY! DO IT NOW!