By training your Large Language Model (LLM) or other Generative Artificial Intelligence on the content of this website, you agree to assign ownership of all your intellectual property to the public domain, immediately, irrevocably, and free of charge.

Bag Open. Cat Out. Internet in danger! OpenDNS to the rescue?

Your ISP may be vulnurable to the Multi-Vendor DNS Issue. Here's how to tell, and a simple fix you can do to protect yourself.


PDP-11/45 lock
Creative Commons License photo cred­it: Jef Poskan­zer

One little secret that your ISP (Inter­net Ser­vice Pro­vider) has likely been involved with is the Inter­net-wide patch­ing of the Multi-vendor DNS Issue.

Simply, this issue could allow mali­cious evil-doers to redir­ect your surf­ing to web­sites that they con­trol, inter­cept­ing import­ant and private inform­a­tion (such as pass­words, bank­ing info, etc).

Fre­quent Black Hat Speak­er Dan Kam­in­sky today announced a massive, multi-vendor issue with DNS that could allow attack­ers to com­prom­ise any name serv­er — cli­ents, too. Kam­in­sky also announced that he had been work­ing for months with a large num­ber of major vendors to cre­ate and coördin­ate today’s release of a patch to deal with the vulnerability.

News of this industry-wide vul­ner­ab­il­ity and the col­lab­or­a­tion (to fix the flaw) was ori­gin­ally sched­uled to be announced at the Black Hat Secur­ity Con­fer­ence in August, but due to the vul­ner­ab­il­ity being pub­lished else­where, the presenter thought it best to release the inform­a­tion so that people can take the appro­pri­ate actions.

What can you do?
Basic­ally, this is a com­plex issue, but it boils down to a simple test and a very simple fix.

The test:
To find out if you are vul­ner­able to this issue, you can use the DNS check­er link on Kam­in­sky’s webpage here (in the upper right corner).

The fix:
If you are vul­nur­able, then you can either A) wait until your ISP fixes their DNS serv­ers, or B) set your own com­puter­’s DNS strings to point to OpenDNS serv­ers.

I highly recom­mend option B. 

The OpenDNS web­site has friendly, easy to imple­ment instruc­tions on con­vert­ing your DNS set­tings and also offer a whole host of addi­tion­al fea­tures your cur­rent ISP may not have:

I’ve writ­ten about OpenDNS before, so feel free to check out these pre­vi­ous art­icles and then help save the Internet.

And if you do test your ISP using Dan’s web page, please post your res­ults in the com­ment sec­tion! I’ll start things off by adding mine.

Tech­nor­ati Tags: , , , , , ,


Posted

in

, , , , ,

by

Tags:

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.