13:45 Dns terrible happened | |
| B protocol DNS was discovered almost used hole. Not in any particular client, but the protocol itself. And it is known there had been a long time ago, but all the "experts" agree on the fact that "well, in theory, this is - maybe a problem, but in practice it can not be used." But not so long ago, invented a way to practical use "cache poisoning" - and it has upset all the cards. It seems that it is - another test of the strength of the Internet: it is planned "largest synchronized security update in the history of the Internet", which would have involved dozens of vendors (which is not so scary), and hundreds and thousands of ISP (but this is terrible - many of them very carelessly refers to updating the software on servers). The information presently in the public domain a bit. There is an interview with the man who discovered the vulnerability, there is a site where you can check out - whether your computer is vulnerable DNS or not (in fact, of course, will be tested not your DNS, and DNS, which is used by your proxy-server). There is also some information about the possible consequences: an attacker could cause a caching DNS-server is assumed that any site on the Internet is anywhere. What are the prospects it opens up for abuse me, I hope to explain not need (that would be if SMTP-server of your partner will learn to send your mail is not directly to you, but the site zlumyshlennika - and from there to you?). Dan Kaminsky promised to publish the details at a press conference on 6th of August, but it is expected that by the time (based on the published patches) it is already known to many (not all of these people will be wearing a "white hat"). That's it. Most of the news sites, trumpeting that "closed the fundamental vulnerability", but here's the first word - there is clearly a mistake. Not "closed" and "closed" and when it will be "closed" finally - God only knows. P.S. For those who are in the tank: it is not about the theoretical findings on the vulnerability of DNS-protocol (it talked about two years ago). We are talking about practical use this uzyavimosti - and with success probability sufficient to zasuetelis large firms such as Cisco, Microsoft (not to mention the Linux-vendor). P.P.S. Found that the space is already written, but since then the topic was the link, it seems, nobody wanted to even other items, which led link. All together otplyusovali comments like "dupe," "garbage," "virtually impossible to use it," etc., and then calmed down. "Boyan" it or "garbage" we do know only 6 of August, and yet - for me is a sufficient criterion for the fact that all that I know the system were urgently upgraded yesterday, day before yesterday. Not two years ago ", not" month "ago, but" just the other day. " Something did make the lot vendors to do this? Or are they all fighting against windmills? | |
|
| |
| Total comments: 0 | |