::Technology is Power::

• 
  

• PTN Recent Posts

  • Tropical Storm Fay and Soon to Be Hurricane Fay - Posted to PaulTech Network
  • HTC Touch Diamond on Sprint from September - Posted to Cellular Phones
  • Nifty Tricks with "Computer Management" - Posted to PaulTech Network
  • Cascading Water Art - Posted to PaulTech Network
  • Editing Videos with Photos - Posted to PaulTech Network
  • Robot with a Biological Brain Lives - Posted to PaulTech Network
  • Enable Verbose Messaging in Windows - Posted to PaulTech Network
  • JamVox Guitar Karaoke - Posted to PaulTech Network
  • BlackBerry Javelin, Leaked Marketing Shots - Posted to Cellular Phones
  • Uber Geek Way to Order Domino's Pizza - Posted to PaulTech Network

• Categories

  Select Category Advertising Alternative Fuels Biotechnology Blogroll Camcorder Camera Digital Carnivals Cell Phone Commentary Emerging Technology Free Stuff Gaming Accessories Gizmos and Gadget Google Green Tech Hacking Hardware – Desktops – Displays – GPS – Laptops – Memory – Motherboards – Peripherals – Power – Printers – Recalls – Servers – Storage – Tablets – Wii Industry News Mac Medical Technology Military Technology MP3 Players nanotechnology Networking PaulTech Store PDA's PVR Reviews Robotics Security Smartphones Software – Backup – Browsers – Communications – Email – Graphics – iPod – Office – OS – Podcasting – RSS – Spam – Spyware – Utilities – Video – Virtualization – Virus – Wordpress – XCasting Space Tech Support Tutorials TVs Uncategorized unnerving Video Game System Video Tutorials VOIP Weather Website Updates Whacky Wireless Yummy Links

• Subscribe through Feedburner

  
  
  
  
  
  
  
  
  
  
  
  

• Archives

  2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 2007 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 February 2007 January 2007 2006 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 2005 December 2005 November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005

• Recent Comments

  • Harry Knopp on Tropical Storm Fay and Soon to Be Hurricane Fay
  • Muhammad Sohail on Print Spooler Subsystem App Error
  • Nancy on Print Spooler Subsystem App Error
  • Jesse on Laser / Microwave Propulsion
  • Jan on Print Spooler Subsystem App Error

Jul 24

DNS Poisoning Exploit Out of the Bag Posted by admin July 24, 2008 |

Well, well, well.  It’s certainly been an interesting few weeks in the networking arena.  I’ve been watching a discussion about a possible DNS exploit for a bit and it’s grown into a bigger problem.

I’m not going to go into the whole story, but here are the highpoints.  It seems that a researcher uncovered a new exploit on DNS.  This would allow cache poisoning and is a major issue.  Now, that exploit concept was accidentally released, then unreleased, to the public.  But the proverbial cat is out of the bag when you do it on the internet.  So, now there are attempts at damage control as has already been seen in the wild.  US-Cert issued a bulletin on their website that is somewhat downplayed in language.  But, if you are technical, you will immediately understand that this is a serious, serious issue.

If you aren’t technical, let me explain in very broad terms.  Websites aren’t really names, like yahoo.com.  They are numbers, like 68.180.206.184.  DNS servers interpret names into numbers so you don’t have to.  But, what if someone were able to fool those DNS server into pointing those names to anothermalicious server.  Let’s say that the server contained a website that looked just like your bank, but just harvested logins.  You get my point.  It’s a very serious issue.  Please read through the entire issue.  Don’t mess around with this!!! This SANS entry might also be of some use.

Related Posts:

Microsoft XMLHTTP ActiveX Control Exploit
Here's another extremely critical exploit out in the wild for Internet Explorer....

Internet Explorer Extremely Critical Vulnerability
vulnerability has been discovered in Internet Explorer which could allow a malicious person to exploit a vulnerability. This...

Firefox 2.0.0.5 Password Vulnerability
Just a quick note to make you aware of a serious password vulnerability in Firefox 2.0.0.5. Over the weekend,...

Pharming
This weekend saw a host of attacks aimed at pharming users to false websites. Pharming utilizes various host and/or...

Word 2000 Extremely Critical Vulnerability
Secunia has issued an extremely critical vulnerability warning for Microsoft Word 2000. The vulnerability is actually a rework of...

Comments

• 

• PaulTech in your Inbox

  Subscribe to PaulTech by Email

• Paul Tech Network

  

  

  Cellular Phones

  

  PaulTech Network

• • iPod Accessories
  • Buy iPod and iPod Accessories
  • Compare Camcorders
  • Stress Ball
  • Toner Ink Jet Cartridges
  • Keepit.com Backup - only $4.95

• Advertise

• Google Toolbar Button

  Add to Google Toolbar
  
  
  ::Link to Us::