On MovieTome: SEX AND THE CITY clips are here!
BNET Business Network:
BNET
TechRepublic
ZDNet

ZDNet Resources

RPC DNS exploit can compromise your whole company
RPC DNS exploit can compromise your whole companyInsert Bash Microsoft Statement BelowAlthough BIND and others have had their share of DNS problems, I know the Zealots are aching to comment on the poor design of Microsoft's DNS.Restart DNS serviceStopping and restarting the DNS service enables the registry hack and blocks...
Tags: Domain names, NETWORKING, SECURITY, DNS, RPC, BIND, perimiter firewall, RPC DNS, internal network, DMZ-Server, DNS Service, whole company, network, firewall
Discussion threads 2007-04-18

Additional Resources

How OpenDNS, PowerDNS and MaraDNS remained unaffected by the DNS cache poisoning vulnerability
How OpenDNS, PowerDNS and MaraDNS remained unaffected by the DNS cache poisoning vulnerabilityOpenDNS is greatI have been using OpenDNS for over 5 months now on the company network and it does a great job for us. I would recommend everyone use this tool as it has increased our DNS...
Tags: Domain names, NETWORKING, OpenDNS, MaraDNS, Powerdns, DNS Cache Poisoning Vulnerability, DNS
Discussion threads 2008-07-25
Microsoft joins 'patch DNS now' chant; Apple patch missing
Microsoft joins 'patch DNS now' chant; Apple patch missingI couldn't make this stuff up if I triedSeriously, I'm not that creative.[url=http://talkback.zdnet.com/5208-12691-0.html?forumID=1&threadID=48138&messageID=898138] Apple fan explains why Apple isn't responsible for PWN2OWN vulnerability [/url][i]A Perl exploit isn't an Apple bug, anymore than the Flash exploit on the Vista machine was a Microsoft...
Tags: Apple Mac OS X, Domain names, Apple Mac OS, Operating systems, DNS, Microsoft Corp., Apple Inc.
Discussion threads 2008-07-25
Microsoft joins 'patch DNS now' chant; Apple patch missing
On the heels of the release of weaponized exploit code for the DNS cache poisoning vulnerability, Microsoft has joined the chorus of security pros pleading with DNS server providers to immediately apply patches to protect users from malicious attacks. The Redmond, Wash. security...
Tags: Apple Macintosh, DNS, Vulnerability, Apple Inc., Exploit Code, Microsoft Corp., Attack, Dan Kaminsky, Domain Names, Apple Mac OS X, Networking, Security, Internet, Operating Systems, Software, Apple Mac OS, Ryan Naraine
Blog posts 2008-07-25
A Friday Active Directory puzzler
A Friday Active Directory puzzlerSuggestions...Have you installed the required hotfixes and patches in the 2000 environment? http://support.microsoft.com/kb/331161similar problemupgraded a larger AD domain from 2000 to 2003 by adding a 2003 server.Depending on the error, it could be a lot of things.I got a similar error.it came down to using the...
Tags: Friday Active Directory puzzler, Friday Active Directory, puzzler
Discussion threads 2008-07-25
How OpenDNS, PowerDNS and MaraDNS remained unaffected by the DNS cache poisoning vulnerability
The short answer is being paranoid about tackling a known vulnerability. It's 2001, and Daniel J. Bernstein DJB, author of the then popular djbdns security-aware DNS implementation, is applying basic math principles to raise awareness on what's to turn into the "sky is falling" critical Internet vulnerability in 2008, in...
Tags: DNS, Vulnerability, Anomaly, Attack, OpenDNS, MaraDNS, NSS, Domain Names, Networking, Internet, Dancho Danchev
Blog posts 2008-07-25
News to know: 'Spam king' dead; Microsoft's cloud; Dell;
Notable headlines: Ryan Naraine: Escapee 'Spam King' dead in apparent murder-suicide CBS Denver Video: 'Spam King' Inmate Dies Along With Wife, Daughter Mary Jo Foley: Ozzie foreshadows 'Zurich,' Microsoft's elastic cloud Microsoft to get more 'Apple-like' in PC,...
Tags: Larry Dignan
Blog posts 2008-07-25
Kaminsky suggests long-term fix will still have to be determined, but patch now, or pay soon
Kaminsky suggests long-term fix will still have to be determined, but patch now, or pay soonTTLSomething I wish I'd asked during the webcast and which I can't quite get my head around:It was said that setting a long TTL doesn't help because of the way delegation works - has to...
Tags: Domain names, DNS server, TTL, server, Kaminsky
Discussion threads 2008-07-24
Kaminsky suggests long-term fix will still have to be determined, but patch now, or pay soon
I listened to the Black Hat webcast today to grab as much info as I could on this subject. The biggest thing that I heard from the whole talk is that the patch fixes things to a reasonable point, but that long-term, there will have to be more work...
Tags: CERT, DNS Server, Server, Kaminsky, Dan, Patches, Domain Names, Security, Internet, Nathan McFeters
Blog posts 2008-07-24
AT&T iPhones exposed to DNS cache poisioning? Or not?
Here's a photo of my iPhone after running Dan Kaminsky's Doxpara DNS Checker tool a few minutes ago: I ran the same test at the DNS-OARC's DNS checker and got this:  209.183.33.23 (schinetdns.mycingular.net) appears to have GREAT source port randomness and GREAT transcation...
Tags: DNS, AT&T Corp., Domain Names, Networking, Internet, Ryan Naraine
Blog posts 2008-07-24
News to know: DNS flaw; Amazon; Microsoft shakeup; Facebook
Notable headlines: Ryan Naraine: Researchers borrow from Google PageRank for network defense service Attack code published for DNS flaw Nate McFeters: |)ruid and HD Moore release part 2 of DNS exploit 'Spam King' escapes from federal prison iPhone vulnerable to phishing,...
Tags: Apple iPhone, Facebook, DNS, Amazon.com Inc., Microsoft Corp., Microsoft Xbox, Flaw, Game Players, Domain Names, Networking, Security, Consumer Electronics, Personal Technology, Internet, Larry Dignan
Blog posts 2008-07-24
|)ruid and HD Moore release part 2 of DNS exploit
|)ruid and HD Moore release part 2 of DNS exploitSo, Linux's BIND the first to be exploited...So, Linux's BIND the first to be exploited...Nice work!CoolNate, nice post and analysis!Wasn't the replacing the ns.victim.com cache entry part of the Halvar Flake speculation? I thought first part of the exploit was to...
Tags: Domain names, NETWORKING, Operating systems, Alecco, DNS, ruid, exploit, HD Moore, Linux
Discussion threads 2008-07-24
Code Diffs for DNS Exploit Code
Diffs between revisions of the exploit code released by HDM and |)ruid. Generated by Billy Rios. by Nathan McFeters
Tags: Revision, DNS, Exploit Code, Domain Names, Networking, Internet, Nathan McFeters, diffs, code, Exploit, HDM, |)ruid, Billy, Rios, McFeters, Nate, Nathan, screenshots
Image galleries 2008-07-23
|)ruid and HD Moore release part 2 of DNS exploit
[Updated 07/24/2008: Gallery images of diffs of code revisions has been included and will be updated as things change, see here.] Earlier today, noted researchers |)ruid and HD Moore released exploit code for the Metasploit tool for attacking the DNS flaw that was originally reported by Dan...
Tags: DNS, Domain, Server, Entry, Exploit, NS, NS Record, Domain Names, Networking, Internet, Nathan McFeters
Blog posts 2008-07-23
Attack code published for DNS flaw
Attack code published for DNS flawIrresponsible and evil"In an IM exchange, Moore told me his exploit takes about a minute or two to poison a DNS cache but said he is working to improve it in version 2.0."As far as i am concerened he is just an evil person to...
Tags: Domain names, Halvar, exploit, DNS
Discussion threads 2008-07-23
Attack code published for DNS flaw
The urgency to patch Dan Kaminsky's DNS cache poisoning vulnerability just went up a few notches. Exploit code for the flaw, which allows the insertion of malicious DNS records into the cache of the target nameserver, has been added to Metasploit, a freely distributed attack/pen-testing tool....
Tags: Ryan Naraine
Blog posts 2008-07-23
iPhone vulnerable to phishing, spamming flaws
iPhone vulnerable to phishing, spamming flawsBut I was told OS X would save me from things like this.[i]In the meantime, iPhone users should avoid clicking on links in the Mail app that refers to trusted sites.[/i]So if my mom sends me a link to a web album, I shouldn't open...
Tags: Spam, Cyberthreats, Desktops, SECURITY, spamming, Apple iPhone, PC, phishing
Discussion threads 2008-07-23
A look at the recent Firefox 3 vulnerability
A look at the recent Firefox 3 vulnerabilityLOLAlways makes me laugh when a Firefox article is written critical of it, no one adds an opinion.If this were about IE, the thread would be huge.quit making such a big deal, read moreWhy do people write about security vulnerabilities that have happened...
Tags: Web browsers, SECURITY, vulnerability, Mozilla Firefox, Mozilla Firefox 3.0
Discussion threads 2008-07-23
News to know: Yahoo; VMware; Apple; DNS vulnerability
Notable headlines: Ryan Naraine: Vulnerability disclosure gone awry: Understanding the DNS debacle RIM ships fix for BlackBerry code execution bug Dancho Danchev: Georgia President's web site under DDoS attack from Russian hackers 75% of online banking sites found vulnerable to security design...
Tags: Apple iPhone, Google Inc., Larry Dignan, DNS, Yahoo! Inc., Vulnerability, Dana Blankenhorn, Health Care, Apple Inc., VMware Inc., App Store, Banking, Vertical Industries, Domain Names, Benefits, Healthcare, Security, Financial Services, Enterprise Software, Software, Internet, Human Resources
Blog posts 2008-07-23
Georgia President's web site under DDoS attack from Russian hackers
From Russia with political love? It appears so according to a deeper analysis of the command and control servers used by the attackers. During the weekend, Georgia President's web site was under a distributed denial of service attack which managed to take it offline for a couple of hours. The...
Tags: Web, Russia, Server, Web Site, Hacker, Distributed Denial Of Service, Georgia, Attack, Russian, Shadowserver, C&C, C&C Server, Web Site Development, Security, Internet, Dancho Danchev
Blog posts 2008-07-22
  • << Previous
  • page 1 of 1
  • Next >>
advertisement
Click Here
advertisement