Is Your DNS Patched?是您的DNS補丁?
In case you have been living under a rock for the past month you have most likely heard about the DNS cache exploit recently discovered by如果你已經生活在一塊石頭在過去的一個月你最有可能聽到DNS緩存利用最近發現的 Dan Kaminsky . This might be one of the most severe flaws discovered as it was cross platform affecting everything from Windows to Linux, UNIX, Cisco IOS etc.... It was so big in fact that all the丹卡明斯基。這可能是一個最嚴重的安全漏洞發現,因為它是跨平台的影響一切從Windows到Linux , UNIX的,思科公司的IOS等...這是這麼大的事實,即所有的 major vendors worked together to get the patch issued on the same day. The flaw would allow an attacker to insert a malicious DNS record into the cache. As an end user you type in主要供應商共同努力,下載補丁程序發出的同一天。這個漏洞將允許攻擊者插入一個惡意DNS記錄到緩存。作為一個最終用戶的您鍵入 www.technet.com and rather than get the proper IP address the cache delivers the malicious IP address sending you to ???? You can www.technet.com和,而不是得到適當的IP地址的緩存提供了惡意IP地址寄給您呢? ? ? ?您可以 find out more on the details of the flaw at Dan's blog.找到更多的細節,這個安全漏洞在丹的博客。
You should also make sure that you are patched. Make sure that your upstream ISP DNS servers are patched by calling them or using Dan's DNS Checker at the top of his website.您也應該確認您是補丁。請確保您上游的ISP DNS服務器補丁,呼籲他們或利用丹的DNS檢查頂部的個人網站。
So why all of a sudden a rush to ensure you are patched? Well the那麼,為什麼突然趕,以確保您的補丁?好 patches issued by the vendors have been reverse engineered and補丁發布的廠商一直在逆向工程和 exploit code has been published ! Dan has said many times that this is an extremely easy to launch exploit that could be implemented in seconds.利用代碼已經發布!丹已經說過很多次,這是一個非常容易利用發射,可在幾秒鐘內實施。
KB953230 - Vulnerabilities in DNS could allow spoofing KB953230 -在D NS中的漏洞可能允許欺騙
Go. 離去。 Read. 閱讀。 Patch. 修補程序。 Now. 現在。
And when you are done, copy and paste this blog post to your blog, email it to your IT Pro buddies, get the word out!當你的工作要做,複製並粘貼此博客張貼到您的博客,通過電子郵件發送給您IT Pro的朋友,讓這個詞了!
If you have links to the patches from other vendors, please leave a comment with the URL!如果你有聯繫的補丁從其他供應商,請發表評論的網址!
Written by rodney.buike. 撰稿rodney.buike 。 Read more great feeds at is source 閱讀更多的是供稿源 WEBSITE 網站
no comments 沒有評論 . 。
Read more articles on 閱讀更多文章 rodney.buike rodney.buike and 和 otherSoftware otherSoftware and 和 DNS 的DNS and 和 Security 安全 . 。
- [+] Digg [ + ] Digg的 : Feature this article :特徵本文
- [+] Del.icio.us [ + ] Del.icio.us : Bookmark this article : 06條
- [+] Furl [ + ]卷 : Bookmark this article : 06條
