[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SANS: DNS Bug Now Public?

Subject: SANS: DNS Bug Now Public?
From: regnauld at catpipe.net (Phil Regnauld)
Date: Thu, 24 Jul 2008 10:45:05 +0200
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>

Joe Abley (jabley) writes:
>
> Having just seen some enterprise types spend time patching their 
> nameservers, it's also perhaps worth spelling out that "patch" in this case 
> might require more than upgrading resolver code -- it could also involve 
> reconfigurations, upgrades or replacements of NAT boxes too. If your NAT 
> reassigns source ports in a predictable fashion, then no amount of BIND9 
> patching is going to help.

	Case in point, we've got customers running around in circles
	screaming "we need to upgrade, please help us upgrade NOW",
	but they have _3_ layers of routers and firewalls that are hardcoded to
	only allow DNS queries from port 53.

Follow-Ups:
- SANS: DNS Bug Now Public?
  - From: vixie at isc.org (Paul Vixie)

References:
- SANS: DNS Bug Now Public?
  - From: Jon.Kibler at aset.com (Jon Kibler)
- SANS: DNS Bug Now Public?
  - From: jmamodio at gmail.com (Jorge Amodio)
- SANS: DNS Bug Now Public?
  - From: smb at cs.columbia.edu (Steven M. Bellovin)
- SANS: DNS Bug Now Public?
  - From: jmamodio at gmail.com (Jorge Amodio)
- SANS: DNS Bug Now Public?
  - From: jabley at ca.afilias.info (Joe Abley)

Prev by Date: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)
Next by Date: https (was: Re: Exploit for DNS Cache Poisoning - RELEASED)
Previous by thread: SANS: DNS Bug Now Public?
Next by thread: SANS: DNS Bug Now Public?
Index(es):
- Date
- Thread