[New Research Paper] Bound by Tradition: A sampling of the security posture of the Internet's DNS servers

From: Mike Schiffman (mikeat_private)
Date: Thu Mar 06 2003 - 10:59:25 PST

Next message: Sven Pechler: "New HP Jetdirect SNMP password vulnerability when using Web JetAdmin"

Previous message: Daniel Ahlberg: "GLSA: snort (200303-6)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello. I just put the finishing touches on a whitepaper detailing the
security posture of the Internet's DNS infrastructure. To wit:

"DNS servers across the Internet running BIND are not up to date with
security patches and software updates. As a result, a significant
fraction of the Internet's DNS servers is vulnerable to compromise,
subversion, denial of service, and general misuse. Considering that DNS
is the lynchpin of the corporate enterprise, the impact of these
vulnerabilities is significant and a successful attack could bring down
any online business."

http://www.packetfactory.net/DNS/

Comments are welcomed; off-list is preferable and I will post a summary.

Thanks.

--
Mike Schiffman, CISSP
http://www.packetfactory.net/schiffman.html

Next message: Sven Pechler: "New HP Jetdirect SNMP password vulnerability when using Web JetAdmin"
Previous message: Daniel Ahlberg: "GLSA: snort (200303-6)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Mar 06 2003 - 11:27:32 PST