DNS exploit code is in the wild

The urgency to patch clients and servers rises to a fever pitch as code to attack the Internet is released. Two Black Hat presenters had conflicted over the timing of the code release.

As of Wednesday, an exploit code allowing someone to attack the domain name system (DNS) was available in various places on the Internet.

On July 8, IOActive researcher Dan Kaminsky disclosed a flaw in the DNS but would not provide the details until all the affected vendors had released patches and all the systems worldwide could be patched. He figured that it would take about 30 days for that to happen.

The 30-day mark just happened to coincide with his speaking engagement at Black Hat in Las Vegas on August 6.

But on Monday, fellow Black Hat presenter Halvar Flake attacked Kaminsky's plea that a security flaw such as this be kept a secret. Flake then proceeded to lay out what he thought the flaw was. Turns out, he was right and laid the foundation for others to create and publicize an exploit.

On Thursday, Kaminsky will be a guest on the second Black Hat Webinar. This is the second of what is hoped to be a monthly series produced by the conference. Kaminsky will be joined by Jerry Dixon, former director of the Department of Homeland Security's cybersecurity division; Rich Mogull, founder of Securosis; and Joao Damas, a senior program manager at the Internet Systems Consortium. The Webinar begins at 1 p.m. PT.

To see if your connection to the Internet is vulnerable to DNS cache posioning, use this test on Kaminsky's site. As of Monday, researcher Neal Krawetz was reporting that servers at several high-profile ISPs remained vulnerable.

Featured Video

Why do so many of us still buy cars with off-road abilities?

Cities are full of cars like the Subaru XV that can drive off-road but will never see any challenging terrain. What drives us to buy cars with these abilities when we don't really need them most of the time?

by Drew Stearne