DNS servers still susceptible to cache poisoning
Date: 8/10/2008 8:48 am
Rating: 5 Rate [ | ]
"John Markoff of the NYTimes writes about a Russian hacker, Evgeniy Polyakov, who has successfully poisoned the latest, patched BIND with randomized ports. Originally, the randomized ports were never supposed to completely solve the problem, but just make it harder to do. It was thought that with port randomization, it would take roughly a week to get a hit. Using his own exploit code, two desktop computers and a GigE link, Polyakov reduced the time to 10 hours."
You had better be prepared to increase your security to avoid the issues with potential DNS redirection.