Saturday, August 16, 2008

Security Tip - Recent DNS Vulnerability

A new DNS vulnerability was recently discovered and information about it was released to the public last month. You may have heard about it in various tech-related news stories. Google "kaminsky dns vulnerability" for more info. A lot of the coverage and commentary is about how the information was released, but that is not what I am interested in here.
DNS is what translates human-readable names into IP addresses. When you type www.ups.com, some DNS server somewhere translates that to 96.6.81.243, which is what your computer needs to know to get you the UPS site so you can send a package. If you have ever configured a computer to use the Internet, you know that one of the blanks you have to fill in is for the DNS server. You usually get that information from your ISP. It is usually the DNS server your ISP maintains for all of their clients.
It is pretty important that the DNS server you use has been patched to be resistant to this particular flaw. How do you know if the DNS server you use has been patched? That's what I want to tell you today.
Point your browser to www.dnsstuff.com. In the "DNS Vulnerability" box, click on "TEST NOW". Wait for it to process. If all the results come back "good" or "great", then you have an ISP that has taken care of this problem on their DNS server. If your result is worse, such as "fair" or "poor", then call your ISP, tell them about your results, and request that they patch their DNS server.
If they don't fix it, use a different DNS server. Have a look at opendns.com for more info.
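The fix issued for this flaw makes a resolver pick an unpredictable UDP source port for each outgoing query, so a test of this kind rates how widely the ports and query IDs it sees from your resolver are spread. The sketch below is an added example, not code from dnsstuff.com or from this post; it scores constructed sample data that way. The log format, the IP addresses, the function names and the rating cut-offs are all assumptions made for illustration.

```python
import statistics
from collections import defaultdict

# Constructed sample: queries as a test server would see them arrive,
# one per line as "resolver_ip source_port transaction_id".
SAMPLE_LOG = """\
192.0.2.10 32768 51234
192.0.2.10 32768 7719
192.0.2.10 32768 40112
192.0.2.10 32768 23001
192.0.2.10 32768 60877
198.51.100.7 51022 1893
198.51.100.7 10377 44120
198.51.100.7 33914 29556
198.51.100.7 62001 8071
198.51.100.7 2290 57342
"""

# Assumed cut-offs on standard deviation (illustrative, not any site's real ones).
BANDS = [(3980.0, "great"), (296.0, "good"), (10.0, "fair")]
ORDER = ["poor", "fair", "good", "great"]

def rate(values):
    """Rate the spread of a series of 16-bit values by population std deviation."""
    sd = statistics.pstdev(values)
    for floor, label in BANDS:
        if sd >= floor:
            return label
    return "poor"  # fixed or barely changing values are easy to predict

def rate_resolvers(log_text):
    """Return {resolver_ip: {"port": rating, "txid": rating, "overall": rating}}."""
    seen = defaultdict(lambda: ([], []))
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        seen[parts[0]][0].append(int(parts[1]))
        seen[parts[0]][1].append(int(parts[2]))
    report = {}
    for ip, (ports, txids) in seen.items():
        p, t = rate(ports), rate(txids)
        # The resolver is only as strong as its weaker source of randomness.
        report[ip] = {"port": p, "txid": t, "overall": min(p, t, key=ORDER.index)}
    return report

if __name__ == "__main__":
    for ip, result in rate_resolvers(SAMPLE_LOG).items():
        print(ip, result)
```

The first sample resolver sends every query from the same port and rates "poor" overall even though its query IDs vary; the second varies both and rates "great".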

1 comment:

Suzanne said...

For anyone who's interested in learning a lot more about how DNS works and how this vulnerability occurred, it's the major topic of Security Now Episode #155.