Monday, July 21, 2008

DNS vulnerability in the wild

Well, it had to happen. The DNS vulnerability discovered by Dan Kaminsky has been leaked. Go read here, here, or here. Then read this and this . The vulnerability is conceptually simple, and frankly it is amazing that no other researchers ever found it. I'll not elaborate on how dangerous it is (patch now!) or how it works exactly. Instead, I'll be trying to wrap my head around this one and get ready to explain the details when asked. Kudos to Dan on how he handled it.

No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.