Broadband Developments

August 7, 2008

Timeline of DNS Story - It’s Getting Out of Hand - Ok - So What’s the Solution

Filed under: BroadDev — Tags: , , , — John Furrier @ 11:48 am

The old saying if it bleeds it leads but this is getting out of hand. The DNS story is a real one, but lets move on to solutions - it’s clear that this as news is “beating this dead horse”. Enough of the gloom and doom. There is no doubt Dan Kaminsky is lovin the visability, but enough already on the problem. Time to move on to solutions.

Everyone knows DNS has a tons of holes but there are fixes and commercial software like Infoblox (now a sponsor of this blog - Thanks Infoblox).

Here is the timeline of this global conversation on BroadDev on the DNS story (with links externally to other credible sources): All of our contributors have chimed in on this topic.. very relevant.

July 22, 2008 - DNS Vunerability Has Now Gone Wild

July 23, 2008 - DNS Gone Wild - Exclusive Interview with Cricket Lui

July 24, 2008 - ZDNet Reports that DNS Exploit Code Has Been Published

July 24, 2008 - Cert: 60% of Recursive Name Servers UnPatched

July 25, 2008 - DNS Exploit is a Sleeping Zombie - Get the Patch

July 25, 2008 - Is Change Control Making the DNS Worse?

July 29, 2008 - DNS Exploit Again - It Keeps Going and Going - Feels like the Energizer Bunny of Exploits

July 29, 2008 - Breaking News: Now Patch Your Firewalls Because the DSN Patch Won’t Work With Leading Firewalls

July 30, 2008 - DNS SUCKS - Ok I Said It - Now What - Talk to Trusted Sources Until PAT mode is Fixed

July 31, 2008 - DNS Flaw Could Disrupt Unified Communications

July 31, 2008 - Kaminsky’s DNS Exploit Exposes Internet Core Challenge

August 5, 2008 - Black Hat 2008 - Look for Social Nets and DNS to Be Hot Topics

August 7, 2008 - Leaked Memo: DNS Security Flaw - Worst Security Hole Since 1997

These links are just the BroadDev coverage - This thing went supernova when John Markoff put it front and center in the NYTimes.

Time for solutions please - this as news is a dead horse.

3 Comments »

  1. There’s more news yet to come out… :-)

    Comment by David Ulevitch — August 7, 2008 @ 1:33 pm

  2. And the IETF namedroppers list is where solutions are being proposed… it’s publicly archived.

    Comment by David Ulevitch — August 7, 2008 @ 1:33 pm

  3. I think with this exposure out there, that many folks are trying it out, to exploit and to fix this issue. It might be a number of weeks, but something will turn up. Yeah I know this is a vulnerability years old and has been exposed for weeks now… It’s time for a fix…

    Comment by John Casaretto — August 7, 2008 @ 8:54 pm

RSS feed for comments on this post. TrackBack URL

Leave a comment

Powered by WordPress