DNS


Dan posted a nice little explanation on his blog giving a good overview of the bug he found.

Have a look here -> http://www.doxpara.com/?p=1185

Two weeks ago, renowned security researcher Dan Kaminsky released information to the security community that alluded to a major DNS flaw on the internet. However, rather than spreading the exploit to all and sundry, he decided to inform major DNS vendors that the flaw existed and required patching before it became common knowledge and was exploited.

In doing so, Dan dared to become the subject of criticism from his peers. Their mindset was that exploits should be released and made public knowledge so that fixes can be deployed and the theory reviewed by other security professionals. Dan himself admits that he was wrong in not seeking peer review before going public; he instead chose to go public about the flaw that he identified before all systems were fully patched and to announce that a fix was being deployed. He admitted he was wrong but I can’t help but think he wasn’t – although I must credit him for falling on his own sword after the scorn of fellow security professionals. He didn’t release details of the flaw to any of his online peers because he was concerned that it would be released early, before all DNS servers could be patched – which is exactly what happened.

After receiving this criticism he opted to seek out the opinions of two other prominent security professionals: Dino Dai Zovi and Thomas Ptacek, a security expert and Principal over at Matasano Security. Both validated Dan’s claims – he was right, the DNS vulnerability is real. Dan was due to speak at Black Hat in Las Vegas, where he would release details of the vulnerability once sufficient time had passed to allow the patching of vulnerable servers. However, before he had the chance, someone beat him to the punch.

Halvar Flake, otherwise known as Thomas Dullien, CEO and Head of Research over at Zynamics, decided to post his own hypothesis on what the vulnerability was. It turned out that he was almost bang on with his theory, and this was then corroborated when a post by a researcher at Matasano Security corrected some of the details Halvar Flake had posted – swiftly hitting the nail on the head of any secrecy left out there about the vulnerability. As soon as Matasano realised the blog post had been published early they removed it, and a letter of apology was published from Thomas Ptacek. He explained that the post was not supposed to have been published, apologised for the leak and praised Dan for his work in finding the exploit.

As it stands, the patches are being applied, but Dan suggests that for now you use OpenDNS for your DNS services; they are expecting your traffic and their DNS servers are safe to use.

Who says IT is boring? :-)

Ian