|
|
|
Security: Thoughts on Latest DNS Vulnerability |
Si vous voulez bloquer ce service sur vos fils RSS
Si vous voulez nous contacter ou nous proposer un fil RSS
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Security: Thoughts on Latest DNS Vulnerability Par Zen OneLe [2009-05-28] à 21:34:38
Présentation : While on a quick trail run before work this morning, I was thinking about yesterday's announcement of a serious vulnerability in the DNS protocol. For those that don't know, yesterday Dan Kaminsky announced that there's a fundamental flaw in the DNS protocol. Shortly thereafter the United States Computer Emergency Readiness Team (US-CERT) issued a security advisory titled, "Multiple DNS implementations vulnerable to cache poisoning". Since we're talking about a fundamental flaw within the DNS protocol itself, many implementations of DNS are considered to be vulnerable. DNS, in a nutshell, is what translates human readable and memorizable names, such as www.blackhat.com, to IP addresses that can get routed through the Net, such as 66.240.206.90. BlackHat has made available a recording of the press conference at which Karminsky made the public announcement. Karminsky has also made available an online tool to check whether or not the primary DNS server you're using is vulnerable. A recent post on NANOG has a link to a perl script that allows one to run Karminsky's DNS checker against any nameserver. I've heard a few individuals state that this latest vulnerability isn't critical in nature. We do know that Karminsky will be releasing full details of the vulnerability at next month's BlackHat in Las Vegas. It is also possible that exploit code could emerge prior since Karminsky did narrow down the area in which the DNS design flaw exists. Though Karminsky has stated, "This is not enough information to reverse engineer the flaw," I believe it's an extremely risky assumption for businesses to base delaying the patching of their vulnerable name servers upon. Looking at a risk matrix, I see the this DNS vulnerability as a high risk: Likelihood of exploitation: LOW/MEDIUM [ within 30 days] Impact of exploitation: HIGH ----------------- Risk Rating: HIGH One individual I know had stated, "In terms of DNS, the world isn't any more dangerous today than it was yesterday." However, we're not just dealing with randomization of source ports which had been known publicly for several years (back in 2005). We're also dealing with the weak entropy in the DNS transfer id (DNS XID). I believe that the risk, or danger, has increased. In some uncomfortable way, this latest issue with DNS reminds me of the levees in New Orleans that were known to have severe vulnerabilities. Eventually the threat (heavy rain) exploited (broke) the vulnerability (failing levees) resulting in negative impact (flooding, financial loss and loss of life). Ignoring the vulnerability with the levees didn't remove the risk or make things any "safer". I'm interested to see what Karminsky produces at the upcoming BlackHat. Steve Zenone ### [UPDATE - 7/10/2008]: Yet another option to test your nameserver is to use the dig hack from Duane Wessels; from a unix shell type 'dig +short @nameserver-to-be-tested porttest.dns-oarc.net TXT'. A vulnerable nameserver will display the following output: z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "nameserver-you-tested is POOR: 22 queries in 0.6 seconds from 1 ports with std dev 0.00" In turn, a better maintained nameserver will return the following: z.y.x.w.v.u.t.s.r.q.p.o.n.m.l.k.j.i.h.g.f.e.d.c.b.a.pt.dns-oarc.net. "nameserver-you-tested is GOOD: 22 queries in 0.6 seconds from 1 ports with std dev 0.00" [][] [] [] [] [][]
Les mots clés de la revue de presse pour cet article : security vulnerability
Les videos sur SecuObs pour les mots clés : security vulnerability
Les mots clés pour les articles publiés sur SecuObs : security
Les éléments de la revue Twitter pour les mots clé : security vulnerability
Les derniers articles du site "Zen One" :
- The Force Awakens ... on Twitter
- Using Python to Sound Like a Wine Snob
- Sync Oracle Calendar to Google Calendar iCal iPhone
- Where The 'Bleep' Did My Identity Go
- Retrieving a Stolen iPhone in Under 72 Hours
- Koobface Analysis
- DHS Cybersecurity Strategy and New California eCrime Unit
- America the Vulnerable
- New Reader Poll - CISSP Exam
- The Pony in the Dung Heap Joke
Menu > Articles de la revue de presse : - l'ensemble [ tous | francophone] - par mots clé [ tous] - par site [ tous] - le tagwall [ voir] - Top bi-hebdo de la revue de presse [ Voir]
Si vous voulez bloquer ce service sur vos fils RSS :
- avec iptables "iptables -A INPUT -s 88.191.75.173 --dport 80 -j DROP"
- avec ipfw et wipfw "ipfw add deny from 88.191.75.173 to any 80"
- Nous contacter par mail
| Mini-Tagwall des articles publiés sur SecuObs : | | | | sécurité, exploit, windows, attaque, outil, microsoft, réseau, audit, metasploit, vulnérabilité, système, virus, internet, usbsploit, données, source, linux, protocol, présentation, scanne, réseaux, scanner, bluetooth, conférence, reverse, shell, meterpreter, vista, rootkit, détection, mobile, security, malicieux, engineering, téléphone, paquet, trames, https, noyau, utilisant, intel, wishmaster, google, sysun, libre |
| Mini-Tagwall de l'annuaire video : | | | | curit, security, biomet, metasploit, biometric, cking, password, windows, botnet, defcon, tutorial, crypt, xploit, exploit, lockpicking, linux, attack, wireshark, vmware, rootkit, conference, network, shmoocon, backtrack, virus, conficker, elcom, etter, elcomsoft, server, meterpreter, openvpn, ettercap, openbs, iphone, shell, openbsd, iptables, securitytube, deepsec, source, office, systm, openssh, radio |
| Mini-Tagwall des articles de la revue de presse : | | | | security, microsoft, windows, hacker, attack, network, vulnerability, google, exploit, malware, internet, remote, iphone, server, inject, patch, apple, twitter, mobile, virus, ebook, facebook, vulnérabilité, crypt, source, linux, password, intel, research, virtual, phish, access, tutorial, trojan, social, privacy, firefox, adobe, overflow, office, cisco, conficker, botnet, pirate, sécurité |
| Mini-Tagwall des Tweets de la revue Twitter : | | | | security, linux, botnet, attack, metasploit, cisco, defcon, phish, exploit, google, inject, server, firewall, network, twitter, vmware, windows, microsoft, compliance, vulnerability, python, engineering, source, kernel, crypt, social, overflow, nessus, crack, hacker, virus, iphone, patch, virtual, javascript, malware, conficker, pentest, research, email, password, adobe, apache, proxy, backtrack |
|
|
|
|
|
