A STORY published by IDG claiming that the creator of the Metaploit hacking toolkit, H D Moore, had been caught by the Kaminsky DNS cache exploit, is a load of old pants.

The story claimed that Moore's company, BreakingPoint, had some of its Internet traffic redirected to a fake Google page that was being run by a scammer.

Moore was quoted as saying the hacker was able to do this by launching what's known as a cache poisoning attack on a DNS server on AT&T's network that was serving the Austin, Texas, area.

However now Moore claims he was misquoted by the journalist in question.

Writing in his bog, Moore said that in recent conversation with Robert McMillan (IDG), he described an in-the-wild attack against one of AT&T's DNS cache servers, specifically one that was configured as an upstream forwarder for an internal DNS machine at BreakingPoint System.

McMillan published an article with a sensationalist title that while containing most of the facts attributed a quote to me that I simply did not say. Specifically, `"It's funny," he said. "I got owned", Moore said.

"No systems were been compromised, no data was stolen, and most importantly, the target of the attack was the ISP, not the company that I work for. Stating that my company was "compromised" leads the reader to believe that there was some sort of security breach, which is reinforced by the fabricated quote. Mr McMillan has since published a correction," Moore's bog said. µ

L'Inq
Metasploit