An Exploit is in the Wild
Well, that didn’t take long.
Mere days after the details of the recent DNS attack were made public, there is already an exploit out in the wild. HD Moore and I)ruid have added an exploit to the Metasploit project, a popular penetration testing framework. These are the good guys, but the bad guys have the same access to the code as everyone else.
It doesn’t seem like anyone outside the DNS and networking communities really understands how significant this issue is. Noted DNS expert Cricket Liu has suggested that this may be the biggest DNS vulnerability in the history of the Internet, and certainly the biggest vulnerability right now.
Also, there’s a good interview with Dan Kaminsky over at Wired where he talks about discovering the vulnerability and reiterates that “this (attack takes) ten seconds to hijack the net”.
Dan provides a “DNS Checker” on his website to see if your DNS is vulnerable. Please go check. If you find that you are not safe, OpenDNS is ready for your traffic. If you are a network administrator, now might be a good time to consider switching to djbdns.
Posted by corywright on July 23rd, 2008 under Security.