Version: 2008

Comments on: Massive, coordinated DNS patch released

A fundamental flaw within the Domain Name System is being addressed by multiple vendors.

Add a Comment (Log in or register) (7 Comments)
  • prev
  • 1
  • next
by gagahput3ra July 8, 2008 12:31 PM PDT
why does it show "Error establishing a database connection" on the DNS Checker webpage? If the website got attacked in an attempt to protect "the greatest number of people worldwide", this will be the biggest joke of internet security this year.
Reply to this comment
by pencoyd July 8, 2008 3:36 PM PDT
OpenDNS was never vulnerable, so you might want to try their free service. http://www.opendns.com/
Reply to this comment
by Spiderrman July 8, 2008 3:46 PM PDT
Don't know about Vista, but on XP ZoneAlarm ceases to function unless it is turned off or the firewall setting for Internet is set to Medium from High.
Reply to this comment
by dragonstar125 July 9, 2008 12:20 AM PDT
that ture spider but its due to the microsoft update to fix the dns server patch grrrrrr so do set zone alarm to meduim i have sent email to zone alarm about this hope they fix asap :(
Reply to this comment
by portiadacosta July 9, 2008 2:08 AM PDT
Ah, could this be why I couldn't connect to the internet this morning after installing the latest security patch, on my WinXP SP3 system? I use Zone Alarm too.

I uninstalled the security patches for the time being.

I also use Open DNS, would that have any bearing on the problem?
Reply to this comment
by dragonstar125 July 9, 2008 8:09 AM PDT
reinstall the patches but before do so set internet setting in zone alarm to mediuim and your still safe :) it works for me as said above :)
by bt_ July 23, 2008 10:35 AM PDT
"Where we had 16-bit before, we now have 32 bits." ? said Dan Kaminsky welcoming the DNS patches coming out as if we are safe now.

Wrong! We still have the fundamental flaw ? we are still using something (DNS as we use WEP, VLAN, etc) that has not been designed for (security).

New ?finding? did not change the quality to the better ? it just changed the quantity of the feature. It means that when our computing recourses become faster we would be able to ?break? the randomness of 32 bits as easy as we can do it today for 16. Then what?

Poor work, too much fuzz...

We have to focus efforts on the DNS re-architecture and re-design - from scratch and having security requirements put forth for the new development.

/bt_
Reply to this comment
(7 Comments)
  • prev
  • 1
  • next
advertisement

15 sites that went kaput in 2009

Web sites launch all the time, but they also shut their doors. We highlight 15 that bit the dust this year.

Top 10 news stories of the decade

Let the debate begin: Was the iPhone more important than iTunes? Was anything bigger than Google finding a great business model? CNET offers its list of the 10 most important stories of the '00s.

About Defense in Depth

Covering computer viruses and computer crime, Robert Vamosi goes beyond the hype to provide you with expert interviews of the top security researchers, as well as offering the hands-on, nontechnical advice you'll need to stay safe online.

Add this feed to your online news reader

Defense in Depth topics

advertisement
advertisement
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET