Newsletters

Select newsletters below and click the button to sign up!

Boston News NY News
DC News Internet Daily
SiliconValley News
InternetNews Business Report




Become a Marketplace Partner


Partner With Us


Internetnews Bloggers

Recent Entries

Archives

July 2009
Sun Mon Tue Wed Thu Fri Sat
      1 2 3 4
5 6 7 8 9 10 11
12 13 14 15 16 17 18
19 20 21 22 23 24 25
26 27 28 29 30 31  

Monthly Archives

Search The Blog

Netstat -vat by Sean Michael Kerner (bio)

A command line view of IT



BIND 9 DNS under attack - time to update

By Sean Michael Kerner on July 29, 2009 8:59 AM
isc_small.gif
From the 'yeaaah DNS, again' files:

It was about a year ago that security researcher Dan Kaminsky reported his DNS flaw that affected many vendors and the internet itself.  DNS - particularly BIND 9 is now at risk from another flaw for which an exploit is already available.

BIND 9 is a popular open source DNS server, and arguably the most deployed DNS server in use today. So even though this is a flaw in one DNS server (as opposed to DNS itself which was Kaminsky's flaw), it is highly critical.

According to an advisory from the ISC (Internet Systems Consortium) that is the lead sponsor behind BIND:
Receipt of a specially-crafted dynamic update message to a zone for which the server is the master may cause BIND 9 servers to exit. Testing indicates that the attack packet has to be formulated against a zone for which that machine is a master. Launching the attack against slave zones does not trigger the assert.
The end result is a denial of service attack. ISC has an update out now and is urging users to upgrade. So do yourself a favor and upgrade to the patched versions 9.4.3-P3, 9.5.1-P3 or 9.6.1-P1.

| Comments (1) | TrackBacks (0) | Share

Tags:

0 TrackBacks

Listed below are links to blogs that reference this entry: BIND 9 DNS under attack - time to update.

TrackBack URL for this entry: https://swarm.jupitermedia.com/mt-tb.cgi/8577

1 Comments

Lisa Hagemann said:

At Dynamic Network Services we got our DNS servers updated last night as soon as the vulnerability was announced. Couldn't risk an attack.

We noticed (thanks to DNSCog.com) this morning that several popular ISPs and domain registrars that offer DNS services had not yet patched.

Do they think they're not vulnerable.

We put up a blog post talking about our experience and give a short MOP at the end for FreeBSD updates. Hope others will follow our lead. http://dynamicnetworkservices.com/journal/BINDVulnerabilityPatch

July 29, 2009 6:17 PM

Leave a comment