DNS Flaw: Cat's out of the bag! Test your DNS RIGHT NOW!
Posted: Wed Jul 23, 2008 7:06 am
by FlyingPenguin
Test your DNS servers NOW! Comcast for instance seems to be oblivious. If your ISP's DNS server is not patched, switch to OpenDNS immediately:
There's a DNS checker here:
http://www.doxpara.com/?page_id=1159
Article:
http://www.betanews.com/article/Details ... 1216757301
Posted: Wed Jul 23, 2008 8:53 am
by normalicy
Oh crap! That's bad stuff there. My work's DSL is bad.
Posted: Wed Jul 23, 2008 9:04 am
by FlyingPenguin
Simplest fix is to change your DNS servers to OpenDNS on your PC. EVEN BETTER is to change the DNS on the router; if all the PCs on the network are set up to acquire it via DHCP, then it's automatic.
Yeah, this is going to be real bad. Embarq DSL around here has already patched it, but Comcast and Brighthouse cable are clueless. I'm remoting into all my clients' servers and testing right now.
Posted: Wed Jul 23, 2008 10:02 am
by wvjohn
thx done
Posted: Wed Jul 23, 2008 10:51 am
by DoPeY5007
thanks, updated my router
Posted: Wed Jul 23, 2008 2:57 pm
by Pugsley
Woot! The hotel I'm at is bad, but home is OK.
Posted: Wed Jul 23, 2008 6:02 pm
by DoPeY5007
Well, I had to remove the OpenDNS settings.....
I cannot see local intranet sites, or Oracle on my laptop when connected via VPN.
So I can't work............
Posted: Wed Jul 23, 2008 7:26 pm
by Executioner
I get this at home on Verizon:
Your name server, at 68.xxx.xxx.xx, may be safe, but the NAT/Firewall in front of it appears to be interfering with its port selection policy. The difference between largest port and smallest port was only 50.
Please talk to your firewall or gateway vendor -- all are working on patches, mitigations, and workarounds.
No idea what all this means (sorry but I'm not a network guru)
Posted: Wed Jul 23, 2008 8:14 pm
by FlyingPenguin
No idea.
Posted: Thu Jul 24, 2008 9:11 am
by darcy
Executioner wrote:I get this at home on Verizon:
Your name server, at 68.xxx.xxx.xx, may be safe, but the NAT/Firewall in front of it appears to be interfering with its port selection policy. The difference between largest port and smallest port was only 50.
Please talk to your firewall or gateway vendor -- all are working on patches, mitigations, and workarounds.
No idea what all this means (sorry but I'm not a network guru)
I get the same result, Exec.
dslreports dot com has some info, but I do not understand it all.
Posted: Thu Jul 24, 2008 9:36 am
by FlyingPenguin
Okay, this seems to be an issue on your ISP's end from what I'm reading on DSLReports; it's not your NAT router.
I would suggest that if you get this message you should be concerned that your ISP's DNS server can be spoofed, and you should change your DNS to OpenDNS.
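To make the checker's "difference between largest port and smallest port was only 50" figure concrete, here is an added example (written for this page; it is not the doxpara checker and not code from anyone in the thread). A forged reply has to match both the 16-bit transaction ID and the UDP source port of the outstanding query, which is why patched resolvers randomise the port. The script scores a list of source ports the way such a test does, and models a NAT that ignores the resolver's random choice and hands out external ports sequentially. The port lists are constructed, the 1024-port threshold is an assumption (the real checker's cutoff is not stated in the thread), and the sequential-NAT model is an assumption about the gateway, chosen because it reproduces a spread of 50 from 51 queries.

```python
import math
import random
from dataclasses import dataclass

# Assumption: a spread narrower than this counts as "not randomised".
# The real checker's threshold is not stated in the thread.
MIN_GOOD_SPREAD = 1024


@dataclass
class PortReport:
    samples: int
    low: int
    high: int
    spread: int      # high - low: the figure the checker quotes ("only 50")
    distinct: int
    verdict: str


def analyze_source_ports(ports):
    """Score a resolver's UDP source-port selection from the ports an
    authoritative server saw. A spoofed answer must match the 16-bit TXID
    and the source port, so a resolver (or a NAT in front of it) that keeps
    ports in a narrow band leaves the attacker only the TXID to guess."""
    if not ports:
        raise ValueError("need at least one observed port")
    low, high = min(ports), max(ports)
    spread = high - low
    distinct = len(set(ports))
    if distinct == 1:
        verdict = "POOR: fixed source port"
    elif spread < MIN_GOOD_SPREAD or distinct < len(ports) // 2:
        verdict = "POOR: ports clustered or heavily reused"
    else:
        verdict = "GREAT: ports spread across the range"
    return PortReport(len(ports), low, high, spread, distinct, verdict)


def guess_space_bits(report, txid_bits=16):
    """Rough size of the attacker's search space: TXID bits plus log2 of the
    effective port range (approximated here as spread + 1)."""
    return txid_bits + math.log2(report.spread + 1)


def nat_sequential(ports, base=1025):
    """Model (assumption) of a NAT that discards the resolver's random ports
    and allocates external ports one after another from `base`."""
    return [base + i for i in range(len(ports))]


def random_resolver_ports(n=51, seed=2008):
    """Constructed sample: a patched resolver picking ports uniformly from
    1024-65535 (seeded so the run is repeatable)."""
    rng = random.Random(seed)
    return [rng.randrange(1024, 65536) for _ in range(n)]


if __name__ == "__main__":
    patched = random_resolver_ports()
    for label, ports in [
        ("patched resolver", patched),
        ("patched resolver behind sequential NAT", nat_sequential(patched)),
        ("unpatched resolver, fixed port", [53] * len(patched)),
    ]:
        r = analyze_source_ports(ports)
        print(f"{label}: spread={r.spread} distinct={r.distinct} "
              f"~{guess_space_bits(r):.1f} bits to guess -> {r.verdict}")
```

The middle case is the situation Executioner's result describes: the resolver itself may be patched, but the gateway in front of it collapses the port range back to a few dozen values, so the attacker is back to roughly a 16-bit guess. Switching to a resolver whose replies do not pass through that NAT, or getting the gateway fixed, are the two ways out.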
Exploits are being published
Posted: Fri Jul 25, 2008 8:25 am
by wvjohn
http://news.bbc.co.uk/2/hi/technology/7525206.stm
Attacks begin on net address flaw
Attackers could use the loophole to redirect web users to fake sites
Attack code that exploits flaws in the net's addressing system is starting to circulate online, say security experts.
The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details.
In light of the news, net firms are being urged to apply a fix for the loophole before attacks by hi-tech criminals become widespread.
Net security groups say there is anecdotal evidence that small scale attacks are already happening.
Address list
"We are in a lot of trouble," said security guru Dan Kaminsky who found the flaw in the net's Domain Name System (DNS) in March 2008.
"This attack is very good," he said. "This attack is being weaponised out in the field. Everyone needs to patch, please."
The DNS acts as the net's address system and helps computers translate the website names people use, such as bbc.co.uk, into the numerical equivalents preferred by machines.
If exploited the flaw would allow malicious hackers to direct people to fake sites even if that user typed in the correct address for the place they wanted to visit.
Now security researchers have come up with two separate methods for attacking the flaw.
The code used in the attacks has been added to a popular testing tool called Metasploit used by both good and bad hackers alike to find weaknesses in computer systems.
Here comes everybody.
The attack code was developed following the accidental leaking of the bug Mr Kaminsky discovered. Initially he had planned to release more information in October.
After being discovered in March, information about it was shared with large net organisations such as Cisco, Google, Yahoo and Microsoft to give them chance to produce patches and fixes.
Now net supply firms are being urged to get on with the job of updating their systems so customers are not left at risk.
Posted: Mon Jul 28, 2008 7:12 am
by FlyingPenguin
New DNS exploit now in the wild and having a blast:
http://arstechnica.com/news.ars/post/20 ... blast.html
This would be less of an issue if the widely released patch from two weeks ago had been fully deployed, but a number of companies or ISPs don't seem to have gotten the memo. According to Kaminsky, some 52 percent of DNS servers are still vulnerable to the attack. This is a marked improvement from the 86 percent vulnerability rate in the days immediately following the patch's release, but it's still far too high, especially with dangerous code now squirreling its way across the Internet. Patch deployment is not an instant process, even if the company is on the ball, but we'll hopefully see the number of patched DNS servers skyrocket in the next few days.
Posted: Mon Jul 28, 2008 11:59 am
by darcy
good lawd,,,
Posted: Mon Jul 28, 2008 12:17 pm
by DoPeY5007
Did a check again, and it looks like AT&T updated their servers