(TheForceField.Net ) July 23, 2008 –A security company accidentally posted details of the DNS bug on their web blog Monday morning.
The bug was discovered by Dan Kaminsky of IOActive, Inc. and announced to the public earlier this month after a patch was created with the rare co-operation of major software vendors. Kaminsky planned to publicly release details of the DNS bug at the Black Hat conference next month and requested those who were already in the know to keep it under wraps until then.
However, a representative at Matasano, a security research and development company, accidentally confirmed details of the DNS flaw in a blog post July 21. The post has since been removed but not before it could be read by many and cached in Google.
Now security experts predict the first attack based on the flaw is only days away and are warning the public to patch immediately and brace for the worst.
In an apology posted on the Matasano blog Monday, Thomas Ptacek, Principal, Mantasano Research, explained the snafu. "Earlier today, a security researcher posted their hypothesis regarding Dan Kaminsky’s DNS finding", Ptacek stated. "Shortly afterwards, when the story began getting traction, a post appeared on our blog about that hypothesis. It was posted in error. We regret that it ran. We removed it from the blog as soon as we saw it. Unfortunately, it takes only seconds for Internet publications to spread", he added.
"We dropped the ball here", Ptacek admitted.
Check your ISP
Several ISP do not seem to want to believe this is a true flaw so they are doing little or nothing to fix this problem. If you listen to any of the TWIT podcasts Steve Gibson has been talking about this for a few weeks now. You can check to see if your ISP or DNS server is at risk by going here http://www.doxpara.com/
COMCAST has only updated about 1/4 of their dns servers and the isp I use (wide open west) has done 0%. The best and fastest fix, if your ISP hasent patched yet is by using opendns (208.67.222.222 and 208.67.220.220