Extra Feeds & Services »

Home / News

Proposed "One-Character Patch" for DNS Has Serious Side Effects

  • Aug 31, 2008 9:32 AM PDT
  • Comments: 0
  • Views: 2,728
Print Comment
SecurityFocus

Last week a DNS researcher proposed a method to limit the DNS cache poisoning attacks by addition of a single character to the popular BIND name server software.

Robert Lemos of SecurityFocus reports: By changing a '<' to '<=' in a trust check in the Berkeley Internet Name Domain (BIND) server software, the patch would prevent a previously unknown server from poisoning the cache, unless the time to live (TTL)—a limit on the age of a name server entry—had expired. The suggestion, made by computer scientist Gabriel Somlo, would make exploitation of name server caches more difficult. However, the "one-character patch" also has some serious side effects, Dan Kaminsky..."

Read full story: SecurityFocus

Related topics: DNS, Security

Get a weekly summary of postings to CircleID:

 Master Feed (more feeds)      Twitter      Mobile
Bookmark / Email This Post
Print Comment

Comments

To post comments, please login or create an account.

Related Blogs

Just Say No, to Your ISP Subverting Your DNS Queries

  • Jun 25, 2009
  • Comments: 4

The Proxy Fight for Iranian Democracy

  • Jun 22, 2009
  • Comments: 2

No Honor Among Thieves on the Internet

  • Jun 18, 2009
  • Comments: 0

Most Popular Invalid TLDs Should Be Reserved

  • Jun 18, 2009
  • Comments: 2

Why Not an Interim Step Until DNSSEC is Ready?

  • Jun 18, 2009
  • Comments: 19
View More

Related News

US Teaming Up With Italy to Combat Cybercrime

  • Jun 30, 2009
  • Comments: 0

Trojans Fastest Growing Category of Data-Stealing Malware

  • Jun 30, 2009
  • Comments: 0

US Continues to Lead As Top Country Hosting Phishing Attacks

  • Jun 29, 2009
  • Comments: 0

Gary Warner: We Are Well Past Time to Declare a Spam Crisis in China

  • Jun 29, 2009
  • Comments: 4

SPECIAL: Updates from the ICANN Meetings in Sydney

  • Jun 26, 2009
  • Comments: 0
View More

Industry Updates – Sponsored Posts

Latest Brandjacking Index Examines How Fraudsters Abuse Financial Brands

NeuStar Addresses DNS Vulnerability with Cache Defender, a Secure DNS Authentication System

NeuStar Celebrates 10 Years of UltraDNS Managed DNS Service

A Seemingly Overwhelming Number of Important Documents Released by ICANN

.ORG First Open Top-Level Domain to be Signed with DNSSEC

  • By PIR
  • Views: 864

DNSSEC Industry Coalition Symposium is Announced

  • By PIR
  • Views: 917

NeuStar's UltraDNS to Power Growth of NDTV Convergence

SPIL GAMES Chooses MarkMonitor for Global Domain Management

Facebook Selects MarkMonitor Antifraud Solutions to Combat Malware

MarkMonitor AntiFraud Solutions, Combining Proven Antiphishing and Expert Antimalware Capabilities

Identify Infringing Domains to Optimize Online Search Marketing Spend

Consider Planning Now for Internationalized Top-Level Domains

DNSstuff.com Offers Trusteer Rapport Product to Help Users Boost Their Defenses Against Online Fraud

MarkMonitor AntiFraud Solutions Combine Proven Antiphishing and Expert Antimalware Capabalities

DNSSEC Industry Coalition Meets with Vint Cerf and Dan Kaminsky

  • By PIR
  • Views: 857

COCC Partners with MarkMonitor for Anti-Phishing Services

The DNSSEC Industry Coalition Announces the Formation of Its Registrar Review Team

  • By PIR
  • Views: 937

ICANN Mexico City Meeting Brings a Significant Shift in Direction for Brand Rights Holder Issues

MarkMonitor Year-in-Review Report Finds Online Abuse of Major Brands Was a Growth Industry for Fraud

DNSSEC FUD Buster: DNSSEC Slows the Internet?

  • By PIR
  • Views: 1,206
View More