dan kaminsky

ISP Planet: "Redwood City, Calif.-based Nominum, the DNS company singled out for praise by Dan Kaminsky in his DNS threat presentation to the Black Hat conference... has modified its Vantio DNS product to defeat the Kaminsky attack."

Dan Kaminsky spoke to a packed house at Black Hat on 6 August to outline the fundamental flaw he found in the Domain Name System (DNS).

The vulnerability is interesting in its own right, but the implications of what can be done with it are staggering.

In addition, the "fix" has well understood shortcomings that can still potentially be exploited to poison DNS caches.

Click below, subscribers only, for an update on the vulnerability, including its details and impact.

InfoWorld: "The number one presentation of the conference was IOActive's Dan Kaminsky's talk on his recent DNS exploit find.

There was some question if there would still be any interest in the topic since the details of Dan's exploit leaked out two weeks ago.

The question was answered by a standing room-only crowd of thousands that filled the largest conference room long before the scheduled start time."

LinuxInsider: "f security researcher Dan Kaminsky is right about the dangers threatening DNS security, how come nobody's drawn attention to any specific, massively mobilized exploits of the vulnerability?

It's because of the nature of DNS -- servers are indeed being continuously poisoned, according to admins, but it's hard to tell exactly who's being exploited and how."

Dan Kaminsky says he fixed the problem and along the way, he got the attention of the biggest names in computers.

Apple has issued a security patch that promises to fix a DNS vulnerability recently discovered by security researcher Dan Kaminsky, but it appears the fix doesn't actually fix anything.

Apple has shipped a Mac OS X security update with patches for at least 17 documented vulnerabilities, including a fix for the serious DNS cache poisoning vulnerability reported by hacker Dan Kaminsky.

It's been a few weeks since [Dan Kaminsky] announced the nature of the DNS vulnerability and allowed 30 days of non-disclosure for patches to be applied before details of the exploit went public.

HowtoForge: "Dan Kaminsky earlier this month announced a massive, multi-vendor issue with DNS that could allow attackers to compromise any name server - clients, too.

These two articles explain how you can fix a BIND9 nameserver."

ZDNet: "The group responsible for maintaining the internet's most popular domain name software BIND has admitted it caused problems by fast-tracking a security patch designed to fix the widescale DNS flaw discovered by researcher Dan Kaminsky this month."