Hacker
Exploit code has surfaced for the infamous 'Kaminsky DNS flaw'
R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com
ADVERTISEMENT

Exploit emerges for DNS flaw

First attack tool created for vulnerability

Shaun Nichols in San Francisco, vnunet.com 25 Jul 2008
ADVERTISEMENT

Exploit code has surfaced for a high-profile security flaw in the Domain Name System.

Researchers H D Moore and 'Druid' have developed a module which is capable of exploiting the vulnerability. The module runs through Metasploit, a vulnerability-testing framework built by Moore.

The exploit code is the first to appear for the DNS cache-poisoning flaw first discovered by researcher Dan Kaminsky.

The release of the module comes just days after details of the flaw were disclosed by fellow researcher Halvar Flake.

Kaminsky said that he had found the flaw, but refrained from disclosing the details until vendors could issue a patch. He planned to unveil the details at next month's Black Hat conference.

Details of the vulnerability were not made publicly available, but Kaminsky shared his research with a number of hardware and software vendors, prompting one of the largest mass-patch rollouts in history.

That policy may have helped to avoid a major catastrophe, as most servers were protected even before details on the flaw were known.

Zulfikar Ramzan, technical director of Symantec's Security Technology and Response team, told vnunet.com that the exploit code adds little danger to the situation at this point.

"My impression is that most of the major ISPs have already patched," he said. "At this stage I don't know if it is going to affect end users."

Ramzan added that, while there are a large number of servers that have not been patched, many are poorly maintained and are likely to be open to older, more established attack methods anyway.

He also noted that, although the module has the ability to exploit the flaw, it is far from a real-world attack by actual criminals.

However, administrators may not be out of the woods just yet. Ramzan said that a greater danger could come after Kaminsky posts the full details of the flaw and attackers get a better look at the nature of the vulnerability.

"There is a saying in the security community that attacks always get better, they never get worse," he warned. "Someone might develop variations on the attack that are more potent."

Microsoft
Microsoft issues monthly security pack
Nothing 'critical' about July update  09 Jul 2008
Search
DNS celebrates 25th birthday
Milestone for Domain Name System which underpins the web  30 Jan 2008
Malware writers exploit Bhutto killing
Hackers use assassination to push Trojans  03 Jan 2008

All Hacking
Tags: Dns, Kaminsky, Security

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
Software Test Engineer
| JAM Recruitment
Software Test Engineer 6 Weeks Contract £ 35 per hour Wiltshire We have an urgent need for a Software Test Engineer. Main Duties: ·Sound understanding of full software lifecycle ·Solid experience in requirements analysis ·Requirements ... more >
Software Test Engineer
| JAM Recruitment
Software Test Engineer 3 Months Contract £35 per hour Wiltshire We have an urgent need for a Software Test Engineer. Main Duties: ·Sound understanding of full software lifecycle ·Solid experience in requirements analysis ·Requirements based ... more >
Business Analyst
| Aston Carter
Major Investment Bank requires a Business Analyst to work within reference data IT. The reference data IT function is responsible for the three internal systems. One of the systems is a strategic repository for Client ... more >
Occupational Health Opportunities
| JAM Recruitment
Job Ref: CY - 27021979 Package: £25 – 42,000 +Bens Location: YORKSHIRE Job type: Occupational Health Position type: Permanent Hours: Full time Contact name: Mr Colin Youle Contact Company: JAM HUMAN RESOURCES Are you a ... more >
More job opportunities
Accountancy Age
Active Home
Best Practice
Computeractive
Computing
Computing Business
CRN
Financial Director
Infomatics
Information World Review
IT Week
Management Consultancy
Network IT Week
Personal Computer World
PC Magazine
VNU Web seminars
vnunet.com
Webactive
What PC?
Useful links: About vnu network | Privacy policy | Terms & conditions
Access keys | Top of page | Feedback
VNU Business Publications
© 1995-2008 All rights reserved
VNU Business Publications Ltd., 32-34 Broadwick Street, London, W1A 2HG, is a company registered in England and Wales with company number 01513633
part of part of vnu.net europe