
This Month's Patched DNS Bug has been a Known Problem for 10 Years

Disturbing news from Computerworld:

The DNS cache poisoning bug that Microsoft Corp. patched last Tuesday stems from a flaw that has been known to researchers for 10 years or more, the two security firms credited with reporting the vulnerability said this week.

Microsoft patched the Domain Name System (DNS) server included with Windows 2000 Server and Windows Server 2003 to fix what it called a spoofing flaw that could be exploited by identity thieves or malware authors to silently redirect users from intended Web destinations to malicious pretenders.

A day later, the two security companies that Microsoft acknowledged for independently reporting the bug -- Scanit NV/SA of Brussels, Belgium, and Trusteer Ltd. of Tel Aviv, Israel -- published their analysis. The problem, said Scanit and Trusteer, is that Windows DNS server generates predictable transaction IDs, the security identifiers meant to make spoofing and cache poisoning difficult to impossible. Because the transaction IDs can be predicted, hackers can deceive the name server into thinking that false DNS data is legitimate.

The full article is a compelling read. Apparently BIND has had this problem fixed for a long time now. Why did it take Microsoft so long to patch this problem?
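As an added illustration (not code from the original post or from the Scanit and Trusteer analysis), here is a check an administrator could run over captured outbound resolver queries: it replays a naive "previous ID plus the usual step" guess and reports how often that guess matches the next transaction ID. The sample captures, function names and threshold are constructed assumptions, and the check shows predictability in general rather than the specific Windows DNS weakness, which the post does not detail.

```python
import secrets
import struct
from collections import Counter

def txid(dns_message: bytes) -> int:
    """Transaction ID = first 16 bits of the DNS header (RFC 1035, section 4.1.1)."""
    if len(dns_message) < 12:  # a DNS header is 12 bytes
        raise ValueError("truncated DNS message")
    return struct.unpack("!H", dns_message[:2])[0]

def audit_txids(messages, threshold=0.05):
    """Replay a naive guesser over the observed IDs and report how often it wins.

    The guess for each query is: previous ID + the most common step seen so far
    (mod 2**16). Against uniformly random 16-bit IDs it hits about 1 time in 65536.
    """
    ids = [txid(m) for m in messages]
    steps, hits, trials = Counter(), 0, 0
    for prev, cur in zip(ids, ids[1:]):
        if steps:  # need at least one observed step before guessing
            guess = (prev + steps.most_common(1)[0][0]) % 65536
            hits += guess == cur
            trials += 1
        steps[(cur - prev) % 65536] += 1
    rate = hits / trials if trials else 0.0
    return {"samples": len(ids), "distinct_ids": len(set(ids)),
            "guess_hit_rate": rate, "predictable": rate > threshold}

def _query(tid: int) -> bytes:
    """Constructed sample packet: header plus a question for example.com A IN."""
    header = struct.pack("!HHHHHH", tid, 0x0100, 1, 0, 0, 0)
    return header + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)

# Constructed captures (assumptions, not real traffic): one resolver stepping
# its ID by a fixed amount, one drawing each ID from a CSPRNG.
COUNTER_CAPTURE = [_query((0xFFF0 + 3 * i) % 65536) for i in range(200)]
RANDOM_CAPTURE = [_query(secrets.randbelow(65536)) for _ in range(200)]

if __name__ == "__main__":
    print("stepping:", audit_txids(COUNTER_CAPTURE))
    print("csprng:  ", audit_txids(RANDOM_CAPTURE))
```

A hit rate far above 1/65536 on a resolver's real outbound queries is the signal that its transaction IDs are not doing their job as an anti-spoofing identifier.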


Greg Shields' Bio:

Greg Shields is an independent author, instructor, and IT consultant based in Denver, Colorado, and a co-founder of Concentrated Technology. With nearly 15 years of experience in information technology, Greg has developed extensive experience in systems administration, engineering, and architecture, specializing in Microsoft systems management, remote application, and virtualization technologies. Greg is a Contributing Editor for Redmond Magazine, MCPmag.com, and Virtualization Review Magazine and is the author of five books, including Windows Server 2008: What’s New / What’s Changed. Greg is also a highly sought-after instructor and speaker, speaking regularly at conferences like TechMentor Events, and producing computer-based training curriculum for CBT Nuggets. Greg is a recipient of the Microsoft "Most Valuable Professional" award with a specialization in Windows Terminal Services.