Comments on: DNS cat is likely out of the bag http://www.mcgrewsecurity.com/2008/07/21/dns-cat-is-likely-out-of-the-bag/ Thu, 05 Jan 2012 11:44:23 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Room362.com » Blog Archive » iPhone + ATT + DNS = Bad Juju http://www.mcgrewsecurity.com/2008/07/21/dns-cat-is-likely-out-of-the-bag/#comment-376 Room362.com » Blog Archive » iPhone + ATT + DNS = Bad Juju Wed, 04 Mar 2009 19:43:17 +0000 http://www.mcgrewsecurity.com/?p=151#comment-376 [...] In depth explination: http://www.mcgrewsecurity.com/?p=151 [...] [...] In depth explination: http://www.mcgrewsecurity.com/?p=151 [...]

]]> By: Patch DNS Anda | Information Security Blogs http://www.mcgrewsecurity.com/2008/07/21/dns-cat-is-likely-out-of-the-bag/#comment-375 Patch DNS Anda | Information Security Blogs Tue, 05 Aug 2008 05:05:10 +0000 http://www.mcgrewsecurity.com/?p=151#comment-375 [...] traffic jaringan internet secara massal, detail mengenai flaw ini sendiri dapat di refer di McGrew Security selain itu juga anda bisa refer ke personal blog Dan Kaminsky ataupun ke Common Vulnerability and [...] [...] traffic jaringan internet secara massal, detail mengenai flaw ini sendiri dapat di refer di McGrew Security selain itu juga anda bisa refer ke personal blog Dan Kaminsky ataupun ke Common Vulnerability and [...]

]]> By: william http://www.mcgrewsecurity.com/2008/07/21/dns-cat-is-likely-out-of-the-bag/#comment-374 william Tue, 22 Jul 2008 21:10:29 +0000 http://www.mcgrewsecurity.com/?p=151#comment-374 Gotcha! Thanks!! Gotcha! Thanks!!

]]> By: Securabyte Episode 1: DNS Haiku | SecuraBit http://www.mcgrewsecurity.com/2008/07/21/dns-cat-is-likely-out-of-the-bag/#comment-373 Securabyte Episode 1: DNS Haiku | SecuraBit Tue, 22 Jul 2008 17:02:39 +0000 http://www.mcgrewsecurity.com/?p=151#comment-373 [...] In depth explanation of the vulnerability: http://www.mcgrewsecurity.com/?p=151 [...] [...] In depth explanation of the vulnerability: http://www.mcgrewsecurity.com/?p=151 [...]

]]> By: admin http://www.mcgrewsecurity.com/2008/07/21/dns-cat-is-likely-out-of-the-bag/#comment-372 admin Tue, 22 Jul 2008 14:55:21 +0000 http://www.mcgrewsecurity.com/?p=151#comment-372 Hi William! OpenDNS implements source port randomization, which adds another (roughly) 16 bits of entropy to what an attacker would have to guess to get this working, basically making the attack infeasible. This is also what the patches that are available for various DNS servers do. Hi William!

OpenDNS implements source port randomization, which adds another (roughly) 16 bits of entropy to what an attacker would have to guess to get this working, basically making the attack infeasible.

This is also what the patches that are available for various DNS servers do.

]]> By: william http://www.mcgrewsecurity.com/2008/07/21/dns-cat-is-likely-out-of-the-bag/#comment-371 william Tue, 22 Jul 2008 09:55:47 +0000 http://www.mcgrewsecurity.com/?p=151#comment-371 Very interesting! My only question: how do we know that OpenDNS is safe? Seems like if you can exploit OpenDNS, you have hit a huge number of computers. Very interesting!

My only question: how do we know that OpenDNS is safe?

Seems like if you can exploit OpenDNS, you have hit a huge number of computers.

]]> By: Security4all http://www.mcgrewsecurity.com/2008/07/21/dns-cat-is-likely-out-of-the-bag/#comment-370 Security4all Mon, 21 Jul 2008 23:42:37 +0000 http://www.mcgrewsecurity.com/?p=151#comment-370 It got published by error. But it's already cached in Google reader and God knows how many other bots & readers that tune to their RSS feed. Matasano has published a public apology: http://www.matasano.com/log/1105/regarding-the-post-on-chargen-earlier-today/ It got published by error. But it’s already cached in Google reader and God knows how many other bots & readers that tune to their RSS feed.

Matasano has published a public apology:
http://www.matasano.com/log/1105/regarding-the-post-on-chargen-earlier-today/

]]> By: Network Security Blog » Patch DNS now http://www.mcgrewsecurity.com/2008/07/21/dns-cat-is-likely-out-of-the-bag/#comment-369 Network Security Blog » Patch DNS now Mon, 21 Jul 2008 23:03:37 +0000 http://www.mcgrewsecurity.com/?p=151#comment-369 [...] don’t know the details yet, but according to McGrew Security, someone at Matasano let out the details of the DNS vulnerability earlier today. And Dan Kaminsky [...] [...] don’t know the details yet, but according to McGrew Security, someone at Matasano let out the details of the DNS vulnerability earlier today. And Dan Kaminsky [...]

]]>