July 8th, 2008: Important DNS Security Vulnerability
Jul 10, 2008 at 11:44 AM Thread Starter Post #1 of 8
LobsterSan

LobsterSan

MOT: kuboTEN
Joined
Oct 18, 2002
Posts
1,779
Likes
10
I took a quick scan of recent topics and didn't see this yet mentioned, but thought it was worthy of a look. If you haven't patched yourself yet, you may want to consider doing so soon as it looks like a fairly important vulnerability.

Here's a little more reading on the subject:

Dan Kaminsky Discovers Fundamental Issue In DNS: Massive Multivendor Patch Released | securosis.com

One note: when I patched my Windows XP installation, I lost my internet connection immediately after reboot. This was due to my version of ZoneAlarms Firewall. If you use ZoneAlarms, you should update to the latest version before you patch your XP installation. If you've already installed, you can temporarily set the "internet zone" to medium, which will allow you to grab the new version and upgrade and then put the settings back on high.
 
Jul 10, 2008 at 1:39 PM Post #2 of 8
Thanks for posting this! I installed the Windows Update and lost my Internet and couldn't remember if I had my Internet Zone set to High or Medium in Zone Alarm. So I set it to Medium and went on my way. If you hadn't posted this, I wouldn't have known about the Zone Alarm update because the Auto Update feature in ZA didn't notify me of the new version.
 
Jul 11, 2008 at 12:01 AM Post #4 of 8
Jul 11, 2008 at 1:22 AM Post #5 of 8
I'm an intern at an IT consulting company and this patch has killed the TCP/IP stack on some scattered machines (including a couple servers), preventing them from receiving SYN/ACKs on TCP port 80 connections. These machines exhibit the same behavior with the firewall turned off, and the issue is fixed with a system restore.

Just an FYI... turn on system restore before applying this patch!

Edit: In english, patch + internet = no.
 
You must log in or register to reply here.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
Back
Top