DNS Disaster
The Domain Name System (DNS) lies at the core of the Internet and our own corporate networks, but most admins and network pros barely give it a second thought. An exploit discovered last summer that's
now starting to spread should make us all take DNS seriously.
The problem comes with the scary name cache-poisoning vulnerability. "The vulnerability involves a weakness in the transaction ID used in DNS queries. Currently, replies to a DNS query have to contain the proper transaction ID, which is chosen randomly from 65,000 values," our report explains. Fortunately, there's a patch -- and has been for about half-a-year.
Posted by Doug Barney on February 23, 2009