Aug 03 2008
Follow Up - DNS Vulnerability
As a follow-up to “Oops DNS Attack Disclosed! And once again DJB…”, there is now a working exploit out. It is an exploit built on Metasploit, a tool used to conduct security vulnerability research. You can also test your network using Nessus by Tenable Network Security.
The released exploit is available at the Metasploit trac here.
This is now being exploited in the wild. Now, here is an issue I ran into: I updated our BIND servers, then tested and noticed we were still vulnerable. How could this be? I was getting pissed, and then I noticed:
query-source port 53;
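A fixed query-source port pins every outgoing query to that one port, which cancels the source port randomization the updated BIND relies on. So check your /etc/named.conf for both of these statements: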
query-source port 53;
query-source-v6 port 53;
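
One way to run that check, as an added example that is not part of the original post: the shell function below (its name, find_fixed_query_source, is made up here) lists every query-source or query-source-v6 statement that sets a numeric port, skipping commented-out text and the randomized "port *" form. It assumes each statement sits on a single line.

```shell
#!/bin/sh
# Added example: report query-source / query-source-v6 statements that pin
# outgoing BIND queries to a fixed port. "port *" (random port) is not reported.
# Usage: find_fixed_query_source /etc/named.conf
# Prints "LINE: statement" per finding; returns 1 if anything was found, else 0.
find_fixed_query_source() {
    awk '
    {
        line = $0
        out = ""
        # Remove /* ... */ comments, including ones that span several lines.
        while (length(line) > 0) {
            if (in_block) {
                end = index(line, "*/")
                if (end == 0) { line = ""; break }
                line = substr(line, end + 2)
                in_block = 0
            } else {
                start = index(line, "/*")
                if (start == 0) { out = out line; line = "" }
                else {
                    out = out substr(line, 1, start - 1)
                    line = substr(line, start + 2)
                    in_block = 1
                }
            }
        }
        # Remove // and # comments that run to the end of the line.
        sub(/(\/\/|#).*/, "", out)
        # A numeric port after query-source or query-source-v6 is a fixed port.
        if (match(out, /query-source(-v6)?[ \t][^;]*port[ \t]+[0-9]+/)) {
            print NR ": " substr(out, RSTART, RLENGTH) ";"
            found = 1
        }
    }
    END { exit (found ? 1 : 0) }
    ' "$1"
}
```

Run it against every file pulled in by include statements as well, since the setting can live outside the main named.conf.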





















