funsec mailing list archives
Re: ISPs and the DNS Bug
From: "Åke Nordin" <polymorpevz () gmail com>
Date: Wed, 30 Jul 2008 00:49:08 +0200
On Tue, Jul 29, 2008 at 10:41 PM, Larry Seltzer <larry () larryseltzer com> wrote:
Has anyone seen any tests of major ISPs and whether they've all patched the DNS bug? I only know that my own Verizon server is not vulnerable. I assume the real problem is all those vulnerable home routers out there.
My home router doesn't cache DNS (it simply nat's the query), but it's rather old so it may not be representative of what's out there nowadays. My provider was patched when I checked the first time, most Swedish providers seems to have been when the sploits started to be published. This info isn't from some grand survey, but a mailing list for web and media types in Sweden which carried a "whodunit" thread a while ago. I think the corporate world is worse. Some Major Corporations out there were (still are?) vulnerable far longer than one would believe. Methinks it's because the other odd IT manager typically is on vacation and the acting people aren't all that comfy with taking responsibility for a large update to the infrastructure. Quite a few does their online banking from work (it even looks like working...8^) so I'd wager that the majority of pharming victims will be there. A little diligence from the pharmers will let them target corporations with poor or nonexistent surveillance of it's infrastructure so the venture may have a substantial chance of passing undetected until the banks start to investigate the frauds. -- Åke Nordin Unix/net geek, Netia.se consultant, Stacken member. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- ISPs and the DNS Bug Larry Seltzer (Jul 29)
- Re: ISPs and the DNS Bug Åke Nordin (Jul 29)
- Re: ISPs and the DNS Bug John LaCour (Jul 29)
- Re: ISPs and the DNS Bug Larry Seltzer (Jul 29)