The recent DNS vulnerability and the impact on Sonic.net.

July 11, 2008 – 5:35 pm by Augie Schwer

Earlier this week US-CERT announced a very serious DNS Cache Poisoning vulnerability which affects a large number of DNS servers across the Internet.

Thankfully we here at Sonic.net run PowerDNS on our Authoritative and Recursive servers which has been hardened against this type of attack for years (official PowerDNS statement on the vulnerability).

The vulnerability would allow an attacker to inject incorrect answers into the recursive server, which would then send clients to a potentially malicious web site or redirect email, or any other network traffic; all of which would be un-detected by the user or the host running the name server.

It is highly recommended that you update your DNS name server software; all major vendors will have patches and updates available; of course if you were running PowerDNS, then you wouldn’t need to do any patching. :)

Share and Enjoy:
  • Digg
  • del.icio.us
  • Pownce
  • Slashdot
  • StumbleUpon
  • Technorati
  • TwitThis

Tagged with: , , , , .

Similar posts:

  1. One Response to “The recent DNS vulnerability and the impact on Sonic.net.”

  2. It was amusing. DNS poisoning is nothing new and yet the mainstream media attempted to paint this latest obscure DNS poison attack as virtually the end of the world. It wasn’t. It never is. }:-} Professional ISPs have administrators who know what they’re doing and the mainstream media’s attempts to paint it like a Y2K Version 2.0 hysteria were amusing. }:-}

    By Fredric L. Rice on Jul 29, 2008

Post a Comment

Please Note: Blog comments are not intended as a direct support contact. If you are having a technical problem, or something equally time-sensitive, please contact Sonic.net Support by sending an email to support@sonic.net or calling 707-547-3400 (phones open 6am-11pm M-F, 8am-10pm weekends).

Sonic.net Internals is proudly powered by WordPress Entries (RSS) and Comments (RSS). Theme by Bob Hosted by Sonic.net