DNS Issue - Let us test our ISP's

O

orange

Well-Known Member
Joined
Jun 13, 2005
Messages
170
Reaction score
15
A major weakness in some DNS implementations has been found - patches have bee out for over a month.

This is quite a serious one - it allows attackers to, in seconds, redirect any address to their servers.

A tool exists to check if your ISP has upgraded their NS's - checkout https://www.dns-oarc.net/oarc/services/dnsentropy - let see if our isp's have upgraded their servers by publishing the ISP and the results of the check here...
 
gregmcc said:
This is a old one - there's a few threads about this.
Click to expand...

Yeah I mention that the fixes have been out for a month now - but what I'm interested in is, is your ISP still vulnerable a month later??
 
orange said:
A major weakness in some DNS implementations has been found - patches have bee out for over a month.

This is quite a serious one - it allows attackers to, in seconds, redirect any address to their servers.

A tool exists to check if your ISP has upgraded their NS's - checkout https://www.dns-oarc.net/oarc/services/dnsentropy - let see if our isp's have upgraded their servers by publishing the ISP and the results of the check here...
Click to expand...

Anyway - let me go first - IS ADSL Account:

196.26.52.130 Source Port Randomness: GREAT

196.26.52.130 Transaction ID Randomness: GREAT
 
Only a month?
Dan's been trying to tell people about this for 7 years now.

I would hope some people have had "fixed" DNS servers for alot longer than a month now.
 
daffy said:
Only a month?
Dan's been trying to tell people about this for 7 years now.

I would hope some people have had "fixed" DNS servers for alot longer than a month now.
Click to expand...

So - what is your ISP - and are they vulnerable?

I'm interest in any results from vodacom and or iburst people - just a hunch regarding people who do large scale NAT type stuff.....
 
daffy said:
My ISP is not vulnerable.

This issue has been around, and public knowledge for a long long time: http://cr.yp.to/djbdns/forgery.html
Now the media hops on it, and people start panicking.
Click to expand...

Actually - a new way of exploiting this was uncovered - so, while you are correct in saying the weakness was always there, the way of exploiting it was not public knowledge for a long time, and is certainly not covered at http://cr.yp.to/djbdns/forgery.html .

The situation has changed - the new way of exploiting that has come to light, significantly changes things.

The media is right to make as big a noise as possible over this.
 
orange said:
Actually - a new way of exploiting this was uncovered - so, while you are correct in saying the weakness was always there, the way of exploiting it was not public knowledge for a long time, and is certainly not covered at http://cr.yp.to/djbdns/forgery.html .

The situation has changed - the new way of exploiting that has come to light, significantly changes things.

The media is right to make as big a noise as possible over this.
Click to expand...

Hears you :mad:
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X