The first attacks to use the so-called Kaminsky DNS vulnerability have surfaced, according to reports.
A user named James Kosin sent details of the attack to a Fedora Linux mailing list.
The first attacks on the high-profile Kaminsky DNS flaw have been reported
First DNS attacks reported
User reports cache-poisoning attempt
vnunet.com, 28 Jul 2008
Advertisement
Kosin posted a log which he said was gathered on the night of 24 July. The attack attempts to access the server cache for entries to such sites as MySpace, eBay and Wachovia.
The attack targets a vulnerability in the Domain Name System in which an attacker could alter the cache on a DNS server to redirect site requests to malicious third-party sites.
"The spooks are out in full on this security vulnerability. Patch or upgrade now," wrote Kosin.
Industry experts, including Kaminsky himself, have issued similar warnings to administrators. Kaminsky held off releasing the details of the flaw until vendors could release a patch.
The spooks are out in full on this security vulnerability. Patch or upgrade now.
James Kosin
Exploit code for the vulnerability was posted last week as a module for the Metasploit framework.
Experts believe that most major ISPs and vendors have patched the flaw, but poorly-maintained DNS servers could still be open to the attack.
Further reading
Microsoft 'fix' cripples ZoneAlarm users
Hundreds of thousands left without web access
Microsoft issues monthly security pack
Nothing 'critical' about July update
Related whitepapers
Related jobs
Most read stories
Most commented stories
Most watched
Video Review: Sony Ericsson Xperia X1
First Looks Editor Ian Williams gets hands on with the Sony Ericsson Xperia X1
Advertisement
Advertisement
Hiring now on ComputingCareers:
Spotlight
Second Life seeks to mix the real and virtual worlds
Linden Lab unveils plans to integrate with social networks and...
Secondary navigation
Do you agree?
Have your say on this article