[olug] DNS exploit VU#800113 - should be we alarmed?

Will Langford unfies at gmail.com
Tue Jul 15 18:48:48 UTC 2008


I ran the suggested:

    dig porttest.dns-oarc.net in txt

With Cox (bellevue fort crook area) and got a 'GOOD' response.

A run from a dedicated server in California also reported 'GOOD'.

Running the query from within work's network with a Slackware 12.0 dns
caching gateway resulted in a 'POOR'.   I get 'GOOD' results after
installing the bind update/patch via:

http://slackware.mirrors.pair.com/slackware-12.0/patches/packages/bind-9.4.2_P1-i486-1_slack12.0.tgz

I'm... mildly curious how this affects any routers or other embedded
devices that cache DNS goodness :).

-Will

On Tue, Jul 15, 2008 at 1:32 PM, Jay Hannah <jay at jays.net> wrote:
> Apparently Paul Vixie (who invented DNS) is freaked out about a DNS
> exploit which will be released to the wild on August 7:
>
> http://www.circleid.com/posts/87143_dns_not_a_guessing_game/
> http://www.kb.cert.org/vuls/id/800113
>
> Is anyone on top of this?
>
> Should we be alarmed?
>
> Thanks,
>
> j
>
>
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug
>



More information about the OLUG mailing list