- TalkBack 4 of 12:
- Next »
- « Previous
- Thread View
- Flat View
- Cool
-
Nate, nice post and analysis!
Wasn't the replacing the ns.victim.com cache entry part of the Halvar Flake speculation? I thought first part of the exploit was to have a not fully working PoC on purpose
Still, now it's ~32 bits of combinations to guess, so according to Birthday Attacks it would take 77k packets to reach 50% probability and something about 150k to get a closer to 100% chance. DNS needs to get sorted to use TCP for server to server, or use IPSec AH (much better.)
Some friends are upset all this will help evil Verisign to push DNSSec and keep expanding their monopoly on certificates.
Alecco - Posted by: alecco Posted on: 07/24/08 You are currently: a Guest | Members login | Terms of Use
So, Linux's BIND the first to be exploited...
qmlscycrajg | 07/24/08
|
 
Are you sure it's only Linux?
alecco | 07/24/08
|
I think he meant first one is Linux BIND
phatkat | 07/24/08
|
|
Cool
alecco | 07/24/08
|
|
Yes
nmcfeters | 07/24/08
|
|
On NS record replacement for other domains
alecco | 07/24/08
|
|
I think this is all terribly irresponsible...
BitTwiddler | 07/24/08
|
|
I beg to differ
alecco | 07/24/08
|
|
On the ethics
nmcfeters | 07/24/08
|
|
Your correct Alecco
phatkat | 07/24/08
|
|
RE: |)ruid and HD Moore release part 2 of DNS exploit
DonD01 | 07/24/08
|
|
RE: |)ruid and HD Moore release part 2 of DNS exploit
hd-download | 07/26/08
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- The Impact of Virtualization Software on Operating Environments VMware Today's use of virtualization technology allows IT professionals to ... Download Now
- Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now
- Open Standards Technologies Provide the Ingredients for Delivering Security Across the Papa Gino's Enterprise Dell Papa Gino's Holdings Corporation founded by the entrepreneur operates one ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
Enterprise Applications
- Check out some of the easiest and most powerful ways to boost productivity while saving money on your application infrastructure. See ZDNet's comprehensive Enterprise Application resource center, now!
- New Online Dashboard
-
- Read about top issues IT decision-makers face every day, plus get cost effective solutions to real life IT problems. Oracle Topline
-
