DNS Vulnerability update
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- Re: DNS Vulnerability update
DNS Vulnerability update
25-07-2008 8:52 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
http://www.theregister.co.uk/2008/07/25/isps_slow_to_patch/
Of particular note:
[quote=El Reg]
Now that attack code exploiting the vulnerability has been leaked into the wild, millions of subscribers are at risk of being silently redirected to impostor sites that try to install malware or steal sensitive information. Comcast and Plusnet were the only two ISPs we found that weren't vulnerable.
Some back-patting required. Well done guys and gals
B.
Re: DNS Vulnerability update
25-07-2008 9:03 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
"In The Beginning Was The Word, And The Word Was Aardvark."
Re: DNS Vulnerability update
25-07-2008 9:17 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Excellent link axisofevil - some quite unbelievable stories.
Re: DNS Vulnerability update
25-07-2008 9:36 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
SO, if you are using DNS servers other than PN's, would that mean that being with PlusNet conferred no benefit for this situation (prior to the fixes being installed)
It's fairly academic now, I guess, but I'd be interested to see what people have to say nevertheless.
paul
Re: DNS Vulnerability update
25-07-2008 9:39 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
That's only if people are manually specifying DNS servers.
My default the router would automatically use ours.
Re: DNS Vulnerability update
25-07-2008 10:23 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote SO, if you are using DNS servers other than PN's, would that mean that being with PlusNet conferred no benefit for this situation
If you were using OpenDNS you would have been OK. They were not susceptible to the vulnerability - see here.
Re: DNS Vulnerability update
25-07-2008 10:29 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Makes me wonder about the validity of the test
Re: DNS Vulnerability update
25-07-2008 5:40 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Quote from: Jameseh That's only if people are manually specifying DNS servers.
well when I said veneer-thin I didn't mean so thin I didn't realise that ... still how were you to know?
But below the veneer, this question occurs to me: If someone were to leave their router at default (so it a
automatically picked up their ISP's DNS servers) but specified DNS servers in their Windows TCP/IP settings, which would take precedence?
paul
Re: DNS Vulnerability update
25-07-2008 9:21 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
The DNS servers used will be those maually eneterd into the TCP/IP configuration in Windows.
Re: DNS Vulnerability update
25-07-2008 9:29 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- Re: DNS Vulnerability update