Vulnerable to a DNS cache poisoning at home?

Tools and patches are available to see whether your home Internet connection is vulnerable to Dan Kaminsky's DNS flaw.• DNS exploit code is in the wild

On Wednesday, an exploit code allowing someone to attack the domain name system (DNS) became available. No one has yet used the code, but the advice is simple: Patch. Now. While most of the burden is on the Domain Name System servers and the various systems that support them, the nature of the flaw is such that desktop clients also need to patch their software as well.

First, to determine whether your DNS system is vulnerable, use either of these tests:

If the test returns a message similar to "Your name server, at 2xx.2xx.1xx.1x, appears vulnerable to DNS Cache Poisoning," then you may need to patch your desktop system.

Windows users
If you automatically apply Microsoft Updates to your Windows computer, you should have received Microsoft Security Bulletin MS08-037; if you don't automatically apply updates, you should click the link and apply this patch ASAP.

ZoneAlarm users
If you use ZoneAlarm, however, make sure you are running the latest release, 7.0.48, before installing MS08-037. There is a known incompatibility with the Microsoft patch and older versions of ZoneAlarm.

Mac or Linux users
If you are running Mac OS or Linux, see this US CERT page for the latest patch details. As of Thursday, Apple has not issued a patch for its Mac OS X operating system.

Still, in the end, protection from any DNS exploit also depends on your upstream ISP providers. As of Monday, researcher Neal Krawetz was reporting that servers at several high-profile ISPs remained vulnerable.

Tags:
Security
About the author

    As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.

     

    Join the discussion

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Galleries from CNET
    Tech industry's high-flying 2014
    Uber's tumultuous ups and downs in 2014 (pictures)
    The best and worst quotes of 2014 (pictures)
    A roomy range from LG (pictures)
    This plain GE range has all of the essentials (pictures)
    Sony's 'Interview' heard 'round the world (pictures)