It's here. Another malicious DNS exploit that allows for remote manipulation of DNS records. DNS poisoning and Man-In-The-Middle attacks are nothing new, but they just got much easier.
Researcher Dan Kaminsky's recent warnings are now very real. A number of remote DNS attacks that allow for the redirection of legitimate Internet traffic. No breaking through firewalls, no stealing passwords, no decrypting secret messages, just a simple tool to tell a DNS server to send traffic meant for a major corporation to any server of an attacker chooses. And the tools are free to download (bailiwicked_host | bailiwicked_domain | kaminsky-attack).
Razorpoint's Rz.DataWatch service (launched in May 2007) is still the best detection and defense against these types of attacks.
New DNS Exploit In The Wild
Posted by Razorpoint Security Technologies at 11:34 AM
1 Comment:
Yes, be careful with DNS.
Post a Comment