Subscribe via RSS

Peer Power Blog

This blog is about the power of peers in the IT space. It is designed as a place to share things I have learned the past 24+ years running a business as well as meeting the growing demands of business owners we experience leading the Heartland Tech Groups - a peer group network for IT business owners.
Subscribe to this blog

Home
Home This is where you can find all the blog posts throughout the site.
Tags
Tags Displays a list of tags that have been used in the blog.
Archives
Archives Contains a list of blog posts that were created previously.

Is Your DNS Patched?

Posted by Arlin Sorensen on Friday, 25 July 2008 in Peer Power

Font size: Larger Smaller
Hits: 410
0 Comment
Print
PDF
Bookmark

In case you have been living under a rock for the past month like I have, you may not have heard about the DNS cache exploit recently discovered by Dan Kaminsky. I was on Microsoft campus this week and had several of the developers verify this is the real deal and patching needs to happen asap if you have not done it already. You also need to verify that WSUS got it done for you. This might be one of the most severe flaws discovered as it was cross platform affecting everything from Windows to Linux, UNIX, Cisco IOS etc.... It was so big in fact that all the major vendors worked together to get the patch issued on the same day. The flaw would allow an attacker to insert a malicious DNS record into the cache. As an end user you type in Internet address and rather than get the proper IP address the cache delivers the malicious IP address sending you somewhere else. You can find out more on the details of the flaw at Dan's blog.

You should make sure that you are patched. Make sure that your upstream ISP DNS servers are patched by calling them or using Dan's DNS Checker at the top of his website.
So why all of a sudden a rush to ensure you are patched? Well the patches issued by the vendors have been reverse engineered and exploit code has been published!

MS08-037 - Vulnerabilities in DNS Could Allow Spoofing (953230)
KB953230 - Vulnerabilities in DNS could allow spoofing

Go. Read. Patch. Now.

Arlin Sorensen

I am just a plain old Iowa farm boy who loves technology. Fortunately I have been blessed with a job of putting the two together, living here on the farm and leading our companies in the Heartland family - HTG, HLG, Varvid and HTS Ag. The real fun is the learning shared with peers through HTG Peer Groups. It is the relationships that make life worth living, and this industry is full of really awesome people. I am blessed every day!

Comments

No comments made yet. Be the first to submit a comment

Categories List

Peer Power

465 post(s)

Authors

Arlin Sorensen

465 post(s)

"I am just a plain old Iowa farm boy who loves tech..."

Thoughts From HTG Summit Part 3

Posted on Tuesday, 21 May 2013

Blog Roll

Login

Twitter

HTGmembers 4 HTG members attended the Entrepreneurs Organization's global leadership conference in Panama a few weeks ago.... http://t.co/ZZCJX9TMZy

08:40AM May 25

asorensen Isaiah 25 http://t.co/KCynpuyI2Q

02:05AM May 25

HTGmembers Have a safe and happy holiday weekend. Take some time to enjoy your friends and family. That's what life is really about.

03:00PM May 24

HTGmembers Congratulations to Jane Cage who received the first ever “Rick Rescorla National Award for Resilience” from... http://t.co/lQdHFTvfiL

10:05AM May 24

ChristySacco Happy Friday and I hope everyone has a great memorial day weekend! Take a moment to remember our troops.

08:09AM May 24

Latest Blog Entry

Thoughts From HTG Summit Part 3

On the plane ride home from Dallas, our team was talking and spending some time doing an informal debrief of our week together at the 2013 HTG Summit. I thought it would be good to review some of the

Read More