Thursday, July 17, 2008

DNSstuff Freeware Detects Vulnerable DNS Servers

Brian Prince writes on eWeek: is offering a free tool for organizations looking to test the susceptibility of their domain name servers to a fundamental flaw in the Domain Name System (DNS) protocol revealed publicly last week.

A provider of on-demand DNS and network analysis tools, DNSstuff made the freeware, which company officials have dubbed DNS Vulnerability Check, available on its site Wednesday. The tool is meant to test for the vulnerability reported by Dan Kaminsky, director of penetration testing for IOActive.

The researcher reportedly uncovered a flaw in the DNS protocol that can be exploited to poison DNS server caches and re-direct Internet traffic. While he has publicly kept details of the vulnerability close to his vest, several vendors coordinated the release of a patch in response.

More here.


Post a Comment

<< Home