Kaminsky Reveals Details, Info On Major DNS Flaw At Black Hat

August 7, 2008

Dan Kaminsky stood up before a room full of eager people at the Black Hat conference in Las Vegas, as he talked for the first time giving details on a major DNS flaw....Las Vegas (ChattahBox) – Dan Kaminsky stood up before a room full of eager people at the Black Hat conference in Las Vegas, as he talked for the first time giving details on a major DNS flaw.

The major DNS flaw was revealed to the public by accident back on July 21, when it was posted by Matasano Security, as well as Halval Flake.

The original plan was for Kaminsky to keep it quiet until the Black Hat conference.

After it was made public in July, Kaminsky urged companies to patch immediately to avoid problems.

Kaminsky stated that DNS is like the online version of 411, and if the DNS breaks, everything else shuts down with it.

The major DNS flaw has to do with DNS cache poisoning, and works by allowing a hacker to re-route you from a site, to malicious content.

A hacker could take control over where you are routed to, so if you typed in Google.com you could be brough to a different with harmful content.

This can apparently impact e-mail as well, as there are 35 different ways to execute the attack.


Comments

Got something to say? **Please Note** - Comments may be edited for clarity or obscenity, and all comments are published at the discretion of ChattahBox.com - Comments are the opinions of the individuals leaving them, and not of ChattahBox.com or its partners. - Please do not spam or submit comments that use copyright materials, hearsay or are based on reports where the supposed fact or quote is not a matter of public knowledge are also not permitted.