title: Dan Kaminsky at Black Hat link: https://onemoretech.wordpress.com/2008/08/07/dan-kaminsky-at-black-hat/ author: lembobro description: post_id: 476 created: 2008/08/07 12:33:54 created_gmt: 2008/08/07 12:33:54 comment_status: open post_name: dan-kaminsky-at-black-hat status: publish post_type: post

Dan Kaminsky at Black Hat

Dan Kaminsky spoke for an hour on the flaw he’s found in the Domain Name System (DNS) at the Black Hat conference in Las Vegas yesterday. Audio is linked off the convention webcast page. You can choose to stream, or download the mp3, of this briefing, that has received coverage in some of the more serious news outlets around the world. The Washington Post’s Brian Krebs repeats his advice that consumers should switch from their ISP’s DNS to OpenDNS (more from Brian on that here).

Of course OpenDNS is not an option for most large enterprises who need to maintain their own name resolution services for both internal and external use. These systems are most at risk from the inexplicable failures of vendors to deliver, and administrators to apply, patches to protect against the flaw (as of yesterday, Kaminsky estimated that upwards of 15% of DNS servers world-wide have not been patched). Kaminsky’s blog, Doxpara Research, has a link and summary of his slides, and some interesting tools for checking your DNS. His lead article right now has a video that graphically shows the progress of patching efforts from 2008-07-07 on. Here’s the embed:

Copyright 2004-2019 Phil Lembo