Alert: DNS attack code released

(TheForceField.Net ) July 24,2008 — DNS attack code that exploits the DNS vulnerability found and patched earlier this month was released yesterday on Metasploit. The code was released by the developers of the Metasploit hacking toolkit.

The bug was discovered by Dan Kaminsky of IOActive, Inc. and announced to the public earlier this month after a patch was created with the rare co-operation of major software vendors.

The code allows hackers to launch undetectable attacks on users of ISPs that have not patched their servers. The code can also be used to redirect Internet users to phony software update servers to download and install malware.

Security experts are warning everyone to patch immediately. To check the vulnerability of your ISP or DNS server go to http://www.doxpara.com .If your ISP has not patched or is vulnerable you can use OpenDNS .

 

 

 

Security Source