Thursday, August 14, 2008

Kaminsky DNS Vulnerability

An Illustrated Guide to the Kaminsky DNS Vulnerability

With twitter, I have almost stopped blogging. But this was something that needed more than 140 chars. So here is another blog post.
This thing has been making rounds in the web security world for quite some time now. This in fact appeared in the Times of India newspaper recently. The article there mentioned about the sudden patching that the nameservers were going through. This security hole is indeed that serious. With this exploit an attacker can get hold of a complete domain and become an authoritative nameserver for that domain. So any request to resolve name for the hijacked domain can be directed to the attacker's machine.

Now imagine this happening to the most popular online banking website. Yes, things can be very creepy on the internet.

To clearly understand how this attack can happen and how it can be prevented read on the the illustrative guide linked at the beginning of the post. Doesn't matter even if you don't know how DNS works. The illustrative guide explains several things satisfactorily.

Happy Resolving ;-)

No comments:

Post a Comment