DNS flaw exploit published

That certainly didn't take long

By Egan Orion

Thu Jul 24 2008, 11:10

ATTACK CODE to exploit the DNS cache poisoning vulnerability partially revealed by its discoverer Dan Kaminsky and more recently detailed by others has just been published.

Metasploit, a free network probing and penetration testing toolset, added exploit code for the DNS flaw. A rogue DNS service has also been created to assist hackers with the exploit, according to Metasploit author HD Moore, who worked with a security researcher having the handle |)ruid to write the DNS flaw attack software.

The availability of such a readily useable attack tool should greatly increase the urgency for networking administrators to apply the patches needed to guard against such attacks. µ

L'Inq
Zdnet

Hack against The Sun was planned for two weeks Lulzsec is still front page news Tuesday, 19 July 2011, 13:45 PM Read more	$5,000 of bounties are offered in Metasploit exploit race Google Chrome evades exploiters' attempts Thursday, 16 June 2011, 11:58 AM Read more
Researcher blasts Siemens over 'power plant hack' vulnerability He says the clock is ticking Tuesday, 24 May 2011, 16:25 PM Read more	Skype for Mac update will fix a dangerous security hole Significant update expected this week Monday, 9 May 2011, 12:37 PM Read more
High-level DNSSEC domain security gets signed for '.co.uk' names Better domain name system security Friday, 6 May 2011, 13:02 PM Read more	Microsoft fixes Pwn2own Internet Explorer hole Along with 63 other software vulnerablities Wednesday, 13 April 2011, 11:14 AM Read more

Comments

Thus sayeth Bender...

Well, we're boned!!

posted by : Sam, 25 July 2008 Complain about this comment

INQ White papers

Databases

Network management

Security

Service oriented architecture

Storage

INQ Jobs

PHP Web Developer - html,

The Company: My client b...

INQ Poll

Authorities in several countries raided Megaupload recently, shut down all of its services, seized hundreds of servers and arrested several of its executives on criminal charges.

Do you think the move was justified?

Yes, companies should suffer an immediate death penalty upon being accused of copyright infringement.

Yes, the coppers said the company was breaking the law so it must be guilty.

No, the company and the people accused are innocent until proven guilty.

No, the company had millions of customers who have been harmed by having access to their data files cut off.

I don't care, I never used Megaupload anyway.

View other polls

© Incisive Media Investments Limited 2012, Published by Incisive Financial Publishing Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, are companies registered in England and Wales with company registration numbers 04252091 & 04252093

SEARCH :

Site Credentials:

Business & Technology websites:

Business research resources:

Products:

Investment Market IT websites:

Find out what you are worth:

Salary Calculator

Search for a job:

Recruitment Agency A-Z Directory

Accreditations:

Digital Publisher of the Year 2010

DNS flaw exploit published

Share this:

RIM Playbook OS 2.0 and Blackberry 7.1 video demo

Nokia Lumia 710 video review