Results 1 to 3 of 3
Thread: Has your DNS been patched?
Enjoy an ad free experience by logging in. Not a member yet? Register.
Has your DNS been patched?
After a lot more reading, I eventually stumbled upon Dan Kaminksy's blog. He's the original researcher who found the flaw. And right there on the side of a page is a nice little utility which tells you (in a general sense) how vulnerable your DNS server may be. So, from my computer at home, I clicked on it and it said:
Your name server, at xx.xx.xx.xx, may be safe, but the NAT/Firewall in front of it appears to be interfering with its port selection policy. The difference between largest port and smallest port was only 37.
Your name server, at 188.8.131.52, appears to be safe.Requests seen for 7dfe01ffe61e.toorrr.com:
So, I would suggest checking your DNS server(s) against Kaminsky's blog and taking the appropriate measures to make sure you're not at risk. What's even more interesting is I tried the check from work this morning and got this:
Your name server, at xx.xx.xx.xx, appears vulnerable to DNS Cache Poisoning.
All requests came from the following source port: xx
Due to events outside our control, details of the vulnerability have been leaked. Please consider using a safe DNS server, such as OpenDNS. Note: Comcast users should not worry.
No need for all of this. ISC already has a patch out for this.
The adventure of a life time.
Linux User #296285
Well, yes, but everybody has the patch by this point. The rub is in applying the patch without disrupting service and there aren't too many people who have been able to do that. This is what happens when an important vulnerability is discovered; the fix is made in haste giving administrators little time to work out the kinks.
I'll probably be staying with OpenDNS for at least another few days. They seem to be having the least amount of trouble adjusting.