Previous Posts

 Performance Tuning for Windows 2008 Server

Find out when the last reboot occurred (Updated)

Microsoft Hyper-V (I'm Impressed!)

Vista/2008 Remote Control Beta

IntelliAdmin LAN Beta

Free Windows Security Guides

How to purchase Windows XP after June 30th

Run Sysinternals directly from the Internet

Update your DNS Server - NOW!

Block XP SP3 - Stop the madness



Archives

May 2005

January 2006

April 2006

May 2006

June 2006

July 2006

September 2006

October 2006

November 2006

December 2006

January 2007

February 2007

March 2007

April 2007

May 2007

June 2007

July 2007

August 2007

September 2007

October 2007

November 2007

December 2007

January 2008

February 2008

March 2008

April 2008

May 2008

June 2008

July 2008

August 2008

September 2008

October 2008

November 2008



Subscribe to our Feed:

Make sure you patch your DNS Servers

If you like this article, then sign up for our email newsletter to get more like it every day in your inbox

There has been a story starting to brew about a serious DNS security flaw. The details of the flaw have finally been leaked here:

Information Week Article

This is one of those problems that is easy to ignore, but could become a huge nightmare if left unchecked.

Essentially the flaw allows an attacker to redirect clients to a different IP address for a particular domain.

For example, when you go a website (Lets take www.chase.com as an example) the domain name is translated into an IP address. In this case that IP address is run by Chase and responds to your request. When someone exploits the flaw they could redirect www.chase.com to go to their server, and present a fake login.

This is a simple example, and the possibilities are much worse than that. Imagine an attacker redirecting *all* of your traffic through their server. They could then use this opportunity to push spyware to you with every page you visit.

Many of you may not have a choice, since your DNS may be run by your ISP, but if you are running Windows based DNS servers, I suggest installing the patch as soon as possible:

Microsoft DNS Patch

I wish I could say the patch works flawlessly, but some clients of ours have reported that it has caused issues with Active Directory. Still...most of these problems are far and few between and are usually due to an odd configuration...such as having a domain controller with 127.0.0.1 as its primary IP address.

So with that in mind I would make sure you deploy the patch after hours and do lots of testing.

One more thing - you can test your DNS server for the flaw by visiting http://www.doxpara.com/ on the right there is a button that says "Check My DNS" It will tell you if your DNS server is vulnerable to the flaw.


Posted By: Steve Wiseman on Wednesday, July 23, 2008

Check out our utilities for windows

 
Home|Downloads|Products|Blog
Copyright © IntelliAdmin, LLC, 2008. All Rights Reserved
Privacy Policy