- home
- reviews
- news
- downloads
- cnet tv
HOLIDAY HELP DESK: Broadcasting live at 1:00 p.m., PT
- log in
- join CNET
- welcome,
- my profile
- log out

Comments on: Vulnerable to a DNS cache poisoning at home?

Tools and patches are available to see whether your home Internet connection is vulnerable to Dan Kaminsky's DNS flaw.
• DNS exploit code is in the wild

Add a Comment (Log in or register) (7 Comments)

by BrianSeattle July 24, 2008 11:50 AM PDT

Robert, can you or someone at CNET call Comcast and crack the whip on them? I called regular support as well as their dedicated security line, and no one there had any idea what I was talking about when I asked about their status on patching their DNS servers.

I can understand if they want to be coy about exactly how far they are in the patching process - perhaps there are still a few unpatched machines - but to feign total ignorance of the issue is absurd, and a little unnerving to me as a customer.

You can find Comcast Security phone number, 888-565-4329, at security.comcast.net > Get Help > Contact Comcast Security.

If they are actually oblivious, it's downright scary. If they are just stonewalling, they need to learn that this is a very bad customer experience when the exploit has been made public.

Like this Reply to this comment


by The_Decider July 25, 2008 1:13 AM PDT: It is easy enough to fix this on your own: www.opendns.com; Like this


by ofrmgfo July 25, 2008 8:27 PM PDT: As of 25 July 08 my comcast servers are up to date; Like this


by HeartofHistory July 24, 2008 12:13 PM PDT: Brian - if you follow the Dan Kaminsky link above, the text at the bottom of the DNS test box says, "Note: Comcast users should not worry." No reason is given, but the note is there.; Like this Reply to this comment

by Schratboy July 24, 2008 1:07 PM PDT

More BS and bluster regarding the over-hyped vulnerability problem. For CRYING OUT LOUD PEOPLE! There are hundreds of other issues that will take your operations to its knees before even ONE (1) known vulnerability raises its ugly head. The falasy of vulnerability risk is over-sold. Not that these can't do harm, but there are plethora of threats and misuse issues than will impact operations to a greater extent NOW than waiting for an exploit to trigger a flaw.

Like this Reply to this comment


by The_Decider July 25, 2008 1:15 AM PDT: Within a day of ICANN's gTLD announcement, ZDNet reports that a Turkish hacking group has hijacked domain names belonging to IANA and ICANN. Interestingly, only thier "alternative" names were hijacked. For example, ICANN.COM and ICANN.NET were, but ICANN.ORG was not. Similarly, IANA.COM was, but IANA.ORG was not. The same group is apparently responsible for other recent high profile domain hijinks as well.

One thing all of the hijacked names have in common is their registrar, Register.com, which was apparently able to fix the problem within about 20 minutes. Let's hope the parties involved are up-front enough to explain what happened.

https://www.dns-oarc.net/; Like this


by cohaver July 25, 2008 8:25 AM PDT: Windows New Desktop Search and Driver update service Faces the Same Problems; Like this Reply to this comment

(7 Comments)

About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.