DNS Flaw Hits More Than Just the Web
gringer writes "Dan Kaminsky presented at the Black Hat conference in Las Vegas on Wednesday, and said that the DNS vulnerability he discovered is much more dangerous than most have appreciated.
Besides hijacking web browsers, hackers might attack email services and spam filters, FTP, Rsync, BitTorrent, Telnet, SSH, as well as SSL services. Ultimately it's not a question of which systems can be attacked by exploiting the flaw, but rather which ones cannot. Then again, it could just be hype.
For more information, see Kaminsky's PowerPoint presentation." Update: 08/07 19:48 GMT by T: There's also an animation of the progress of the patch.
wow (Score:5, Funny)
It's almost like every service that uses hostnames might be affected.
Black Hat Hacker and Power Point (Score:2, Funny)
Oh er? Never mind.
Don't believe the hype! (Score:2, Funny)
Bah, there's no way that this DNS vulnerability affects any of us here! We're all up to speed on patc
+++
NO CARRIER
Re:Don't believe the hype! (Score:3, Funny)
*makes note not to visit devinmoore.com, as they seem to have some infrastructure problems*
To everyone on 216.34.181.45 (Score:5, Funny)
And they called me a fool when I refused to learn website names WHO'S LAUGHING NOW!!
Re:To everyone on 216.34.181.45 (Score:3, Funny)
WHOIS*
Re:SSH and SSL protected (Score:0, Funny)
SSL will raise a certificate error unless they have some way of getting a fake cert.
Or if they've managed to re-route the Certificate Authority. But that would require some kind of hack against the Domain Name Serv-oh... never mind.
Comment removed (Score:5, Funny)
Surprised? (Score:5, Funny)
This is why I've maintained a comprehensive /etc/hosts file since 1996. Every now and then it gets to be a bit large, so I periodically print it out and cache it to a shelf full of 3-ring binders.
Gopher (Score:5, Funny)
Re:To everyone on 216.34.181.45 (Score:5, Funny)
Domain Name: LAUGHINGNOW.COM
Registrar: GODADDY.COM, INC.
Whois Server: whois.godaddy.com
Referral URL: http://registrar.godaddy.com/
Name Server: NS1.ACTIVEAUDIENCE.COM
Name Server: NS2.ACTIVEAUDIENCE.COM
Status: clientDeleteProhibited
Status: clientRenewProhibited
Status: clientTransferProhibited
Status: clientUpdateProhibited
Updated Date: 06-aug-2008
Creation Date: 11-mar-2005
Expiration Date: 11-mar-2009
Re:Litmus testing (Score:5, Funny)
I doubt that the union of "people who think the web is the Internet" and "people who discover Slashdot and stick around" is more than a handful.
Actually, I imagine the union would be enormous. Perhaps you meant the intersection?
Re:Don't believe the hype! (Score:3, Funny)
Re:Don't believe the hype! (Score:5, Funny)
That's so last century. Here, let me fix it for you:
Re:wow (Score:5, Funny)
That's why I only navigate using IP addresses... damn kids with their domain names!
Get off my lawn!
Re:Litmus testing (Score:5, Funny)
Nah. Those are just the requirements for upmodding. You can still hang around otherwise, but we might not talk to you.
Power Point Presentation? (Score:5, Funny)
WTF? What geek or nerd would even read a PPP, much less trust anything in it?
And is it even possible to transfer actual information via Power Point? I've heard rumors that it can be done, but I don't think I've ever seen anyone actually do it.
To: UID 1314109 Re: CID 24512103 (Score:5, Funny)
To: UID 1314109
Re: CID 24512103
I, UID 84249, am laughing now.
Re:Power Point Presentation? (Score:4, Funny)
And is it even possible to transfer actual information via Power Point? I've heard rumors that it can be done, but I don't think I've ever seen anyone actually do it.
I saw a great Power Point presentation on that subject once, it was very convincing.
Re:wow (Score:2, Funny)
Re:Litmus testing (Score:5, Funny)
Check the stories for horrifying editing mistakes.. if you don't find any by the end of the day, I guess we'll have to notify Taco about being owned.
Re:Litmus testing (Score:3, Funny)
Rubber-soled platform soles and tinfoil bodysuits?
So those 1970s sci-fi series (such as Blake's 7 and UFO) were actually prophetic!
Re:wow (Score:3, Funny)
Don't you mean, get off my 127.0.0.1?