DNS Cache Poisoning Exploit is “in the Wild”

August 10th, 2008

Computer SecurityIn an update to this Chad’s News post, the exploit is now “in the wild”. There is a “DNS Checker” test to determine whether or not your DNS servers are vulnerable. If so, complain loudly and frequently to your ISP. Since this exploit also requires a client-side update (e.g., your personal PC, Mac, etc.), it would also be a good idea to make sure you’ve installed the appropriate update.

Link: http://arstechnica.com/…

Update #1: According to this article, Apple has not created patches for its operating systems. The article also briefly explains how the exploit works. I don’t think the lack of patches for OS X is that big of a deal—there can’t be that many people/companies that use Macs as DNS servers.

Update #2: Apple has released patches.

Update #3: Turns out that even with the patches, this problem can still be exploited. This is bad, because if your ISP’s DNS servers are hacked, there is nothing you can do about it and you most likely won’t even know it’s happened.

Leave a Reply

 [login]

HTML: You can use these tags.