Proposed "One-Character Patch" for DNS Has Serious Side Effects

Last week a DNS researcher proposed a method to limit DNS cache poisoning attacks by adding a single character to the popular BIND name server software.

Robert Lemos of SecurityFocus reports: "By changing a '<' to '<=' in a trust check in the Berkeley Internet Name Domain (BIND) server software, the patch would prevent a previously unknown server from poisoning the cache, unless the time to live (TTL)—a limit on the age of a name server entry—had expired. The suggestion, made by computer scientist Gabriel Somlo, would make exploitation of name server caches more difficult. However, the "one-character patch" also has some serious side effects, Dan Kaminsky..."

Read full story: SecurityFocus
