HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 144 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Otherarrow Interview With Dan Kaminsky On Massive Multivendor DNS Patch
EH-Net
May 23, 2013, 09:57:26 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Interview With Dan Kaminsky On Massive Multivendor DNS Patch  (Read 3311 times)
0 Members and 1 Guest are viewing this topic.
oneeyedcarmen
Full Member
***
Offline Offline

Posts: 233


Klaatu, Borada,Necktie?


View Profile
« on: July 08, 2008, 03:45:53 PM »
To those of you who are currently stuck as patch monkeys like me, hell, to everyone, this is HUGE!

Over on the Network Security Podcast, Dan talks about how he got the cooperation of damn near every vendor out there and developed the patches that were simultaneously released today (including MS08-037) patching a "gaping hole in the DNS protocol."

He basically states that on August 6 at BlackHat Vegas, he'll be releasing proof of the vulnerability.

To prove how rediculously huge this is, when have you ever seen all the competitors work on something together AND keep it secret?

(The CERT advisory Word doc lists all the vendors)
« Last Edit: July 08, 2008, 03:47:28 PM by oneeyedcarmen » Logged
Reluctant CISSP, Certified ASS
oneeyedcarmen
Full Member
***
Offline Offline

Posts: 233


Klaatu, Borada,Necktie?


View Profile
« Reply #1 on: July 10, 2008, 12:11:09 PM »
As a follow-up...

The M$ patch (MS08-037) is flawed.  I just spoke with a rep at M$ who stated that they are working on fixing it (it pretty much stops you from reaching the internetz if you have ZoneAlarm, and from reaching any update sites anyway), but that "it was a good thing that you haven't installed the latest patches for MS08-037."

How reassuring...
Logged
Reluctant CISSP, Certified ASS
Ketchup
Hero Member
*****
Offline Offline

Posts: 1021



View Profile
« Reply #2 on: July 10, 2008, 05:00:58 PM »
Why do you run ZoneAlarm? 
Logged
~~~~~~~~~~~~~~
Ketchup
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.081 seconds with 22 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.