[olug] DNS exploit VU#800113 - should we be alarmed?
Will Langford
unfies at gmail.com
Tue Jul 15 20:41:51 UTC 2008
Sorry, and to answer the 'should we be alarmed' question...
I believe it a serious concern, yes. Being able to guess ports and
serial id's and such are very much a problem. Alot of devices or
software use a DNS resolution for software updates... whether
application or OS level... and I'd believe alot of non-authorative dns
setups would be in a caching manner, etc... although I have no
authority to speak on such matters. Just imagine if windows update
was compromised.
-Will
More information about the OLUG
mailing list