05
DNS server strikes start using BIND applications defect
Attackers have began using a defect in the most popular applications for the DNS (Domain Name System), which translates domain names into IP addresses.
The defect could be used with one packet, crashing authoritative and recursive DNS servers. Security analysts forecast that attackers would immediately learn the best way to use the flaw, which has occurred.
There is no workaround for the defect, so system administrators must patch to prevent strikes. Patches have been issued by leading Linux distributions including Red Hat, CentOS and Ubuntu, but it’s up to admins to use it and restart their BIND servers.
Cid wrote via e-mail that at least two of the clients within different sectors of Sucuri had seen their DNS servers crash due to strikes.
A successful strike will make a hint in server logs, Cid wrote. The command “ANY TKEY” should seem as long as admins have querylog empowered.
There are no comments.