photo credit: kevindooley
First off. This is a serious issue, make no doubt about it. But is the reporting hype surrounding this exploit appropriate? Here’s some quotes of that hype:
Yesterday’s exploit, explained Storms, lets an attacker poison a DNS server’s cache with a single malicious entry, but today’s attack code allows a hacker to poison large quantities of domains with one fell swoop. “This second exploit has the potential for a much larger impact,” said Storms, “and could result in potentially thousands of fake addresses inserted into a DNS server’s cache.
There is a security risk on the horizon, according to experts that work
with computers and computer networks, and it is a sizable one.
A simple DNS Security Checklist would have sufficed.
- Become better informed about this issue. Here’s an overview of the exploit and what it means to you.
- Test your DNS service from your computers (Home & Work).
- If you fail the test, check with your Internet Service Provider to ensure their DNS servers are going to be patched.
- Consider using OpenDNS if you aren’t convinced your ISP is handling things correctly.
- Use a ‘phishing aware’ browser such as FireFox3.
That’s it. Peace-of-mind can return.
Or can it? What do you think? Have you tested your DNS? Post your thoughts or results in the comments below.