InkofDeath Posted December 2, 2008

http://www.wired.com/techbiz/people/mag ... f_kaminsky

> Then last January, on a drizzly Sunday afternoon, he flopped down on his bed, flipped open his laptop, and started playing games with DNS. He used a software program called Scapy to fire random queries at the system. He liked to see how it would respond and decided to ask for the location of a series of nonexistent Web pages at a Fortune 500 company. Then he tried to trick his DNS server in San Diego into thinking that he knew the location of the bogus pages.
>
> Suddenly it worked. The server accepted one of the fake pages as real. But so what? He could now supply fake information for a page nobody would ever visit. Then he realized that the server was willing to accept more information from him. Since he had supplied data about one of the company's Web pages, it believed that he was an authoritative source for general information about the company's domain. The server didn't know that the Web page didn't exist - it was listening to Kaminsky now, as if it had been hypnotized.

Two paragraphs quoted out of a 5-page article. What are everyone's thoughts on this, or is it completely blown out of proportion of the severity of this?

To be honest, if it's as it sounds, it's pretty messed up and freaky that something so easy got past so many people (or it hasn't and has been a well-kept secret). But yeah, it's pretty interesting how software/hardware still has its open holes.

Makoto_the_Phoenix Posted December 2, 2008

It's real, just told in a nice way. The DNS poisoning attacks are very, very real, and many people had become susceptible to it. Now, unless you haven't updated your machine since the dawn of time, you're protected from it.

Linux User/Enthusiast | Full-Stack Software Engineer | Stack Overflow Member | GIMP User
...Alright, the Elf City update lured me back to RS over a year ago.

DaN Posted December 2, 2008

I have a Windows 95 laptop (somewhere). Is it susceptible to this?

~Dan64Au
Since 27 Aug 2002

D. V. Devnull Posted December 3, 2008

Even better, could we just get a table (or link to one) that shows info on what is vulnerable and what isn't? I don't like the thought of my web requests being hijacked by anyone. :(

~D. V. "Hey... Where'd the page go?" Devnull

and normally with a cool mind.
(Warning: This user can be VERY confusing to some people... And talks in 3rd person for the time being due to how insane they are... Sometimes even to themself.)

dsavi Posted December 4, 2008

> I have a Windows 95 laptop (somewhere). Is it susceptible to this?

If you use your laptop as a DNS server, yes.

Makoto_the_Phoenix Posted December 4, 2008

> Even better, could we just get a table (or link to one) that shows info on what is vulnerable and what isn't? I don't like the thought of my web requests being hijacked by anyone. :(
>
> ~D. V. "Hey... Where'd the page go?" Devnull

As far as I know, if you've upgraded your machine since this past September at the latest, then you should be alright. More or less, this was affecting specific DNS servers, and they should've patched those things up by now.

InkofDeath Posted December 4, 2008

Yep, the major things like banks, credit card sites, email sites, and the servers they run from have all been updated; it's just the non-important, unappealing sites/hosts that haven't patched themselves.