DNS Fool

It was just 14 days ago that Dan Kaminsky announced that he had found a critical security flaw in DNS, but that the details would be kept secret until he took the stage at Black Hat on August 6th.  This 29 day gap between the announcement of the discovery and the detailed description of the attacks was to give ISPs and software vendors time to update their systems so that more people on the ‘net would be protected when exploits hit the wild.  Also, it would give Dan’s Black Hat talk a lot of well deserved attention.

That all changed yesterday when Halvar Flake speculated what the attack may be.  He wasn’t sure of it himself, but as it turned out his guess was pretty close.  The Matasano team posted an entry on their blog that gave details of the attack, which quickly spread around the Internet.  Although the post has since been taken down, and the Matasano team has apologized, the text of the post is available all around the Internet.  The cat is out of the bag, so everyone needs to make sure their systems are patched right away.

The attack is interesting indeed, and it is amazing that no one has considered this approach until now.  If you have a few minutes, you may want to read what is available.