Hardware Analysis Community Forums http://www.hardwareanalysis.com/content/topic/71959/ 2008-12-03T19:24:29-05:00 http://www.hardwareanalysis.com/content/topic/71959/ http://media.hardwareanalysis.com/halogo.gif text/html 2008-07-10T23:57:28-05:00 Gerritt http://www.hardwareanalysis.com/content/topic/71959/#540238 DNS has always been an issue with security on the internet.<br /> For unsecured DNS, the practice of increasing the record number in the DNS entry would actually permit the override of any other DNS record, with no checks to the primary owners record base. This could, would, does lead to a malicious user to hijack at least some if not all of your traffic based upon DNS name resolution.<br /> If you maintain a DNS server that supports a all record lookup via nslookup or dig, then you are vulnerable. Do you know there are still folks out there running buisnesses with static IPs that are still supporting the finger protocol?!?!<br /> Whats the most scary to me, is that Developers and the Companies associated with them seem to be the most &quot;accessable&quot; or vulnerable to these types of attacks, and they have entry points into major corporations. Most Coders do not understand the underlying risk that they are exposing thier clientelle to. This is one of the reasons I have a job.<br /> text/html 2008-07-10T21:21:55-05:00 angryhippy http://www.hardwareanalysis.com/content/topic/71959/#540207 Wednesday July 9, 2008 <br /> Microsoft DNS Patch Grounds ZoneAlarm Users <br /> <br /> One of Tuesday's Microsoft patches causes ZoneAlarm users to lose Internet connectivity. The patch appears to be MS08-037 (Vulnerabilities in DNS Could Allow Spoofing), which was part of an Internet-wide fix of a common design flaw in DNS implementations<br /> <br /> ZoneLabs has issued a workaround for users suffering from the problem. You have three options:<br /> <br /> 1.Move Internet Zone slider to Medium<br /> <br /> Navigate to the &quot;ZoneAlarm Firewall&quot; panel<br /> <br /> Click on the &quot;Overview&quot; tab<br /> <br /> Move the &quot;Internet Zone&quot; slider to medium<br /> <br /> <br /> 2. Uninstall the hotfix<br /> <br /> Click the &quot;Start Menu&quot; <br /> <br /> Click &quot;Control Panel&quot;, or click &quot;Settings&quot; then &quot;Control Panel&quot; <br /> <br /> Click on &quot;Add or Remove Programs&quot; <br /> <br /> On the top of the add/remove programs dialog box, you should see a checkbox that says &quot;show updates&quot;. Select this checkbox<br /> <br /> Scroll down until you see &quot;Security update for Windows (KB951748)&quot; <br /> <br /> Click &quot;Remove&quot; to uninstall the hotfix <br /> <br /> <br /> <br /> 3. (advanced technical skills required): Add your DNS servers to trusted zone <br /> <br /> From the &quot;Overview&quot; panel, select the &quot;Firewall&quot; panel then click on the &quot;Zones&quot; tab <br /> <br /> Click &quot;Add&quot;, then select &quot;IP address&quot; from the shortcut menu. The Add IP Address dialog appears. Select &quot;trusted&quot; from the Zone drop-down list<br /> <br /> Type the IP address and a description in the boxes provided, then click &quot;OK&quot; <br /> <br /> If you are not sure what IP addresses to add:<br /> <br /> Click the Start Menu <br /> <br /> Click on Run. Type &quot;cmd.exe&quot; <br /> <br /> In the command prompt type: &quot;ipconfig /all&quot;. Look for DNS Server(s) in the output of the command <br /> <br /> For each IP address listed, navigate to the &quot;Zones&quot; panel of the &quot;Firewall&quot; tab, add the IP address, select &quot;Trusted Zone&quot;, and press &quot;Apply&quot;<br /> <br /> After you are done adding DNS servers click the &quot;Apply&quot; button<br /> <br /> Also chck with zone alarm for fixes.<br /> Source:<a class="ext" href="/action/r/http://snipurl.com/2wcry" target="_blank">http://snipurl.com/2wcry</a><br /> <br /> <i><b>LOL So what else is new?</b></i> text/html 2008-07-09T16:46:49-05:00 john albrich http://www.hardwareanalysis.com/content/topic/71959/#0 I checked my DNS (&quot;XYZ&quot; via ISP COX broadband internet) and it IS still identified as vulnerable to this threat. Note: your ISP may have more than one DNS available.<br /> <br /> If you want additional details on the IP address that was provided by the tool at <a class="ext" target="_blank" href="/action/r/http://doxpara.com">doxpara.com</a> (if any) you go to this page, <a class="ext" href="/action/r/http://www.ip2location.com/" target="_blank">http://www.ip2location.com/</a> and enter that number into the field provided at the upper right-hand side of the web-page, and then click on the &quot;Find Location&quot; button. It will ID the DNS and service provider information.<br /> ====================================<br /> <br /> <br /> <a class="ext" href="/action/r/http://www.breitbart.com/article.php?id=080709124916.zxdxcmkx&amp;show_article=1" target="_blank">http://www.breitbart.com/article.php?id=080709124916.zxdxcmkx&..._article=1</a><br /> Internet flaw could let hackers take over the Web <br /> Jul 9 08:49 AM US/Eastern<br /> <br /> Recently, a significant threat to DNS, the system that translates names you can remember (such as <a class="ext" href="/action/r/http://www.doxpara.com" target="_blank">http://www.doxpara.com</a>) to numbers the Internet can route (66.240.226.139) was discovered, that <b>allows malicious people to impersonate almost any website on the Internet</b>.<br /> <br /> To find out if the DNS server you use is vulnerable, go to the doxpara website below, and click on the &quot;Check My DNS&quot; button. <br /> <br /> Kaminsky built a web page, <a class="ext" href="/action/r/http://www.doxpara.com," target="_blank">http://www.doxpara.com,</a> where people can find out whether their computers have the DNS vulnerability.<br /> <br /> Automated updating should protect most personal computers. Microsoft released the fix in a software update package Tuesday.<br /> <br /> <br /> edit-add instructs on finding more details about the DNS IP address.