Tuesday, July 29, 2008

DNS cache poisoning vulnerability

In light of the recent disclosure of a new DNS cache poisoning vulnerability, everyone surfing the WWW is susceptible to attacks in which hackers poison DNS caches to redirect innocent users to malicious sites. US-CERT has published numerous remediation steps to address this threat, and one of the critical actions requires DNS administrators to patch their servers immediately.
Broadband users do not manage their own DNS servers but rely on DNS servers hosted by their ISPs. Run this test against your ISP's DNS to check that you will not become a potential victim of DNS cache poisoning attacks. The report should reflect the result "Great" for both source port and transaction ID randomness. I've already sent my ISP an email to advise them to take action. I have not heard from them since, but no worries, as I've decided to utilise OpenDNS instead. Just follow the simple instructions on their website to utilise their IP addresses.
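To show what the "Great" verdict for source port and transaction ID randomness is actually measuring, here is a small added example (written for this page, not the linked test or the original post) that grades a short constructed capture of (source port, transaction ID) pairs from two hypothetical resolvers. The grading thresholds are this example's own assumptions.

```python
# Offline grading of resolver source-port / transaction-ID randomness.
# The samples below are constructed, not captured from any real ISP.
# A forged reply is only accepted if it matches BOTH the UDP source port
# and the 16-bit DNS transaction ID of the outstanding query, so a fixed
# or predictable port collapses the attacker's search space to ~16 bits.

# Hypothetical unpatched resolver: constant port, incrementing IDs.
UNPATCHED = [(53, 1000 + i) for i in range(10)]

# Hypothetical patched resolver: both fields look random.
PATCHED = [
    (54321, 0x1A2B), (20033, 0x7F01), (61002, 0x0C9E), (38877, 0xE45A),
    (4412, 0x9B13), (49120, 0x3007), (11987, 0xC8F4), (57731, 0x5562),
    (26604, 0xA1D9), (33318, 0x2E8C),
]


def grade_randomness(values, bits=16):
    """Grade observed 16-bit values (UDP source ports or DNS transaction
    IDs) as POOR / FAIR / GOOD / GREAT. Thresholds are assumptions."""
    if len(values) < 2:
        raise ValueError("need at least two observations")
    distinct = len(set(values))
    if distinct == 1:
        return "POOR"   # constant value adds nothing to the search space
    steps = [b - a for a, b in zip(values, values[1:])]
    if all(s == steps[0] for s in steps):
        return "POOR"   # fixed stride (e.g. +1): trivially predictable
    if distinct < len(values):
        return "FAIR"   # repeats within a short capture are a bad sign
    spread = (max(values) - min(values)) / ((1 << bits) - 1)
    return "GREAT" if spread >= 0.5 else "GOOD"


def check_resolver(samples):
    """samples: list of (source_port, txid) seen on successive queries."""
    ports = [p for p, _ in samples]
    txids = [t for _, t in samples]
    return {
        "source_port": grade_randomness(ports),
        "transaction_id": grade_randomness(txids),
    }


if __name__ == "__main__":
    print("unpatched:", check_resolver(UNPATCHED))
    print("patched:  ", check_resolver(PATCHED))
```

A real check needs many more observations than ten; this only illustrates the two failure modes (constant port, sequential IDs) that the patch addresses.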
Not wanting to sound like a doomsayer... getting your ISP to get off their butt or using OpenDNS is imperative, because attacks are being seen in the wild. PoC code like Evilgrade doesn't help the situation. Evilgrade, btw, is a PoC tool that permits hackers to set up a fake update server to con victims into downloading malware instead of patches. Nasty!
