DNS Poisoning
Wednesday 30th July, 2008 10:11 Comments: 0
It's surprising how many people underestimate vulnerabilities such as cross-site scripting and DNS poisoning. A recent comment on The Register by "Ted" said:
This is purely a non-critical issue, it's just that hackers are jealous of Apple's solid OS so they want to make a mountain of a molehill. Nobody has used "supposed" DNS issue to cause any issues. The people that think otherwise are lemmings. Apple will fix issues that are serious... quickly, but a minor problem such as this which can't be exploited, can easily wait until a routine security fix is issued.
Can't be exploited? The SBC/ATT DNS server for Austin apparently got poisoned, served up advertisements, and was eventually taken offline. This is one of many types of attack that can be performed, and exploits are available if you know where to look.
What makes it worse is that there was a massive co-ordinated effort to release patches on the same day, Apple didn't provide one. Apple still havem't provivded one. Apple don't even have to write their own patch, as they're using BIND, and the patch has already been written. Apple simply have to pull their finger out. This is probably why you don't see many Mac OSX Server hosts on the internet.
This is purely a non-critical issue, it's just that hackers are jealous of Apple's solid OS so they want to make a mountain of a molehill. Nobody has used "supposed" DNS issue to cause any issues. The people that think otherwise are lemmings. Apple will fix issues that are serious... quickly, but a minor problem such as this which can't be exploited, can easily wait until a routine security fix is issued.
Can't be exploited? The SBC/ATT DNS server for Austin apparently got poisoned, served up advertisements, and was eventually taken offline. This is one of many types of attack that can be performed, and exploits are available if you know where to look.
What makes it worse is that there was a massive co-ordinated effort to release patches on the same day, Apple didn't provide one. Apple still havem't provivded one. Apple don't even have to write their own patch, as they're using BIND, and the patch has already been written. Apple simply have to pull their finger out. This is probably why you don't see many Mac OSX Server hosts on the internet.