SecuraByte Episode 1: DNS Haiku

Today we introduce a new portion of the show: SecuraBytes. SecuraBytes are unannounced episodes, they could be last minute interviews or just more beer induced security speak. So, without further ado, here is the first SecuraByte from the SecuraBit Podcast.

“Introducing haiku-DNS: [laughing corruption collapsing kittens gallop nectars forgiving] = usa.gov” – Chris

Wesley McGrew of McGrew Security, Martin McKeay of the Network Security Blog / Podcast, and some guy named Joel joined Rob Fuller and Anthony Gartner last night to discuss the DNS vulnerability leakage that happened about quitting time yesterday (7/21). We discuss the leak, how the vulnerability works, mitigating, and the potential it has on mass scales. Every one of the gentlemen that joined us, and we here at SecuraBit urge you to patch as soon as possible. If you need further information, please check the following links:

Direct link to this episode:HERE

Check to see if you are vulnerable: http://www.doxpara.com/

In depth explanation of the vulnerability:
http://www.mcgrewsecurity.com/?p=151

Dan’s niece Sarah spells it out for us:
http://www.youtube.com/watch?v=XDKw8ny6IcM

More supporting links:
http://www.mckeay.net/2008/07/21/patch-dns-now/
http://www.matasano.com/log/mtso/
http://www.doxpara.com/?p=1176
http://blogs.zdnet.com/security/?p=1520

4 Responses to “SecuraByte Episode 1: DNS Haiku”

  1. Jay says:

    http://www.milw0rm.com/exploits/6122

    Exploit is out via MSF3 by downloading it from milw0rm’s site. However it’s said to be not as easy as it sounds and for IDS types it could be susceptible to many false positives as this is a rehash of an older DNS cache poisoning signature in which the threshold is revised to detect such activity.

  2. [...] Episode 2 Last night we decided to discuss a little more on the DNS vulnerability issue that’s been the hot topic everywhere in terms of detection and defense.  Thanks to guest [...]

  3. Donna C Carbone says:

    nice article! nice site. you're in my rss feed now ;-)
    keep it up

  4. Harry Duplantis says:

    your site is on my favorites now

Leave a Reply