photo credit: Jef Poskanzer |
One little secret that your ISP (Internet Service Provider) has likely been involved with is the Internet-wide patching of the Multi-vendor DNS Issue.
Simply, this issue could allow malicious evil-doers to redirect your surfing to websites that they control, intercepting important and private information (such as passwords, banking info, etc).
Frequent Black Hat Speaker Dan Kaminsky today announced a massive, multi-vendor issue with DNS that could allow attackers to compromise any name server — clients, too. Kaminsky also announced that he had been working for months with a large number of major vendors to create and coördinate today’s release of a patch to deal with the vulnerability.
News of this industry-wide vulnerability and the collaboration (to fix the flaw) was originally scheduled to be announced at the Black Hat Security Conference in August, but due to the vulnerability being published elsewhere, the presenter thought it best to release the information so that people can take the appropriate actions.
What can you do?
Basically, this is a complex issue, but it boils down to a simple test and a very simple fix.
The test:
To find out if you are vulnerable to this issue, you can use the DNS checker link on Kaminsky’s webpage here (in the upper right corner).
The fix:
If you are vulnurable, then you can either A) wait until your ISP fixes their DNS servers, or B) set your own computer’s DNS strings to point to OpenDNS servers.
I highly recommend option B.
The OpenDNS website has friendly, easy to implement instructions on converting your DNS settings and also offer a whole host of additional features your current ISP may not have:
Features
I’ve written about OpenDNS before, so feel free to check out these previous articles and then help save the Internet.
And if you do test your ISP using Dan’s web page, please post your results in the comment section! I’ll start things off by adding mine.
Technorati Tags: Black Hat, DNS, OpenDNS, Security, Flaw, Vulnurability, Privacy
Leave a Reply