All the latest UK technology news, reviews and analysis

First DNS attacks reported

by Shaun Nichols

More from this author

28 Jul 2008

Comment: 1

  • Tweet this
Hacker
The first attacks on the high-profile Kaminsky DNS flaw have been reported

The first attacks to use the so-called Kaminsky DNS vulnerability have surfaced, according to reports.

A user named James Kosin sent details of the attack to a Fedora Linux mailing list.

Further reading

Kosin posted a log which he said was gathered on the night of 24 July. The attack attempts to access the server cache for entries to such sites as MySpace, eBay and Wachovia.

The attack targets a vulnerability in the Domain Name System in which an attacker could alter the cache on a DNS server to redirect site requests to malicious third-party sites.

"The spooks are out in full on this security vulnerability. Patch or upgrade now," wrote Kosin.

Industry experts, including Kaminsky himself, have issued similar warnings to administrators. Kaminsky held off releasing the details of the flaw until vendors could release a patch.

Exploit code for the vulnerability was posted last week as a module for the Metasploit framework.

Experts believe that most major ISPs and vendors have patched the flaw, but poorly-maintained DNS servers could still be open to the attack.

Do you agree?

Add your comment

Not an attack

That client IP (143.215.143.11) points back to the Georgia Institute of Technology. Likely someone doing their own tests and not a phisher/spammer/attacker.

Posted by: Kevin 28 Jul 2008

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

data-security-key

Thousands of public encryption keys found to offer no security

Related white papers

Related articles

Related jobs

Today's top stories

A Cisco logo on a building

Cisco asks EU to rethink approval for Microsoft's Skype buy

HP's Meg Whitman

HP plans to double R&D spend across all divisions

Mozilla Firefox logo

Mozilla adds Android and security updates to Firefox roadmap

Poll

IT priorities for 2012

What is the most important IT priority for your company this year?

99%

0%

1%

0%

0%

Features

V3 and The INQUIRER editor Madeline Bennett

BBC and Sky News show tough love with Twitter policies

V3's Rosalie Marshall

World indulges in a Facebook facts fest as firm prepares to float

facebook-new

Top five most interesting figures from Facebook’s IPO

Khidr headshot

Intel will prove Steve Jobs wrong in the mobile market

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Accurev

Top 5 software development challenges

This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes

Talend

Rubbish in, rubbish enterprise

Why good data management at all levels is essential in the modern business (video, 6mins)

Technology jobs

Order Processing Specialist

Order Processing Specialist - 12 Month Fixed Term Contract...

Inside Sales Manager - Berkshire - Global Software Co!

Great opening with one of the worlds leading information...

JAVA J2EE Developer required with RIA, web services, REST, JSON, AJAX

JAVA J2EE Developer required with RIA, web services...

Linux Administrator

Hi, Job Title : Linux Admin Location : Brussels...

To send to more than one email address, simply separate each address with a comma.