open core »

Dan Kaminsky's DNS Attack Leaked

The Matasano Chargen blog has published an entire post talking about the ways to exploit the DNS vulnerability found by Dan Kaminsky. Apparently the author tried to fall back, removing the post, but it was too late. The post was already in everyone's feed reader (and still is in mine).

Since I'm not going to disclose the post, you can search for the leaked content in the comments of the Slashdot article.

Update: The Matasano blog has now a new post regarding the previous post removed.

Update 2: Here's an interview with Dan from the Wired Magazine

Update 3: The exploit was finally released and it's in metasploit, watch them running to patch the servers. If you are a DNS server admin go patch right now, or get p0wned along with all your DNS users.