Practical Technology

for practical people.

DNS Patching Time Was Yesterday

You did patch your Linux servers with the new DNS patch didn’t you? Well, if you haven’t, get on it. Now.

The genie is out of the bottle. According to Robert McMillan in PC World, the creators of the Metasploit hacking toolkit have included a viable DNS server attack in their ‘penetration testing toolkit.”

They can call it whatever they want. What it means is that any malware kit kid can now move in on your unpatched DNS server and set it so that the next time one of your users enters a URL they’ll end up at God alone knows what Web site. DNS exploits at this level can completely twist the Internet roadmap, and if cleverly done, you and your users won’t realize what’s happening until you’ve already entered valuable information in dummy Web sites.

You can fix this problem by following the instructions in this article on preventing DNS poisoning. If you haven’t updated your system yet, just cross your fingers that you haven’t already been hacked.

Good luck.

Comments are closed.