Posted by kecoak on Jul 9, 2008

Massive DNS Patch

Dan kaminsky menemukan security hole pada implementasi DNS, celah ini diindikasikan dapat membuat attacker me-redirect request ke suatu sistem yang diinginkan. Bersama dengan riset dari Dan kaminsky ini, telah dilakukan kesepakatan dengan 81 vendor untuk melakukan patch secara bersamaan dan Dan Kaminsky akan melakukan full disclosure pada Black Hat bulan agustus mendatang.

Today, CERT is issuing an advisory for a massive multivendor patch release to resolve a major issue in DNS that could allow attackers to easily compromise any name server (it also affects clients). Dan Kaminsky discovered the flaw early this year and has been working with a large group of vendors on a coordinated patch release.

The issue is extremely serious, and all name servers should be patched as soon as possible. Updates are also being released for a variety of other platforms since this is a problem with the DNS protocol itself, not a specific implementation. The good news is this is a really strange situation where the fix does not immediately reveal the vulnerability and reverse engineering isn’t directly possible.

Dan asked for some assistance in getting the word out and was kind enough to sit down with me for an interview. We discuss the importance of DNS, why this issue is such a problem, how he discovered it, and how such a large group of vendors was able to come together, decide on a fix, keep it secret, and all issue on the same day.

Dan and the vendors, did an amazing job with this one. We’ve also attached the official CERT release and an Executive Overview document discussing the issue.

Check the complete story from here.

Post a Comment

3 Responses to “Massive DNS Patch”

  1. Sharren says:

    thx for the info, ISC BIND udah keluar patchnya.

    FYI, currently down

  2. scut says:

    @Sharren: kangen 🙂

  3. Sharren says:

    @scut: dah kawin blom bos?

Leave a Reply

Your email address will not be published. Required fields are marked *