From VNUNET via Packetstorm:
H D Moore, who crafted the original DNS exploit module, said in a blog posting that an attacker managed to run the cache-poisoning attack on a server belonging to AT&T’s internet service in Austin, Texas.
As a result of the attack, servers at BreakingPoint Systems, the network security firm which employs Moore as director of security research, redirected employee machines from Google.com to a third-party site loaded with advertisements.
Apparently no real damage caused by it for them, but there must be loads of other users on AT&T’s DNS-servers.
I’m all for full disclosure but this is really affecting a lot of people. We are seeing a big increase in infected computers and the DNS flaw might be what’s behind this (but I have no concrete proof of it).
Anyhow, admins at larger ISP’s better get patching now if they haven’t started already.
Cheers,
Recent posts
- Wonderful networking cheat sheets…
- Monty Python goes 2.0
- Q.P - On my way to Borås & Jönköping…
- Does this mean…
- Aspire One wallpaper, Tree
Categories
- censorship
- cryptography
- democracy
- dns
- exploit
- fraud
- linux
- malware
- microsoft
- misc
- networking
- party
- patents
- personal
- privacy
- programming
- reverse engineering
- security
- standards
- vista
- webapps
- work
Links
- Anti-virus Rants
- Henrik Alexandersson (HAX)
- Nyström’s fotoblog
- Opassande
- Oscar Swartz
- Panda Labs
- Panda Research
- PCM International
- Piratpartiet
- Rick Falkvinge (pp)
- Rosetta Sten
sdas
All photos and media by Daniel Nyström that is published on this site is licensed under a Creative Commons Attribution-Share Alike 2.5 Sweden License if nothing else is mentioned in the caption or description.