Archive for 'Uncategorized'
DNS Attack Details Come Early
It was just 14 days ago that Dan Kaminsky announced that he had found a critical security flaw in DNS, but that the details would be kept secret until he took the stage at Black Hat on August 6th. This 29 day gap between the announcement of the discovery and the detailed description of the [...]
Posted: July 22nd, 2008 under Security, Uncategorized.
Comments: none
A Big Day for DNS Security
Dan Kaminsky has done it again.
Kaminsky found a security vulnerability in the design of DNS itself. Yea, let that sink in. The problem was in the DNS protocol, not just certain implementations. That means BIND is affected (of course), Microsoft DNS is affected, and so on. A full list of affected systems is available in [...]
Posted: July 9th, 2008 under BIND, Security, Server Software, Uncategorized, djbdns.
Comments: none
ICANN and IANA DNS Compromised
ICANN and IANA were the victims of a DNS redirection attack this week.
Turkish crackers were able to take over the icann.com, icann.net, iana.com and iana-servers.com and redirect them to a hosting account at atspace.com.
Zone-H is hosting a mirror of the defacement.
Posted: June 27th, 2008 under Security, Uncategorized.
Comments: none
ICANN Accepts Top Level Expansion
Yesterday ICANN moved forward with a proposal to expand the DNS namespace by allowing private entities to stake out new top level domains. This is probably good news in the long run, but it may be the source of confusion for some in the immediate future. Is my banking account at citibank.com or www.citi ?
As [...]
Posted: June 27th, 2008 under Miscellaneous, Registrars, Uncategorized.
Comments: none
Photobucket DNS Hacked
Another DNS hijacking, this time the victim is Photobucket. Photobucket.com is registered with Register.com, and name service is provided by UltraDNS.
Register.com is investigating the problem
Posted: June 19th, 2008 under Security, Uncategorized.
Comments: none