There's a problem in DNS (for those of you new to Al Gore's Intarwebz, that's what changes cute names like "borepatch.blogspot.com" into actual, you know, addresses). Seems that if you're really clever, you can pretty much pwn DNS at will, which lets you do all sorts of fun and games - like impersonate web sites.Now this was really a big deal for Internet Service Providers, but not so much for anyone else (unless you're a security geek). Nothing ironic here.
The irony comes in when you hear that the security researcher who put an exploit for the vulnerability into popular security testing tool has been victimized by the Bad Guys:
"HD Moore has been owned. Moore, the creator of the popular Metasploit hacking toolkit, has become the victim of a computer attack. It happened on Tuesday morning, when Moore's company, BreakingPoint, had some of its Internet traffic redirected to a fake Google page that was being run by a scammer. According to Moore, the hacker was able to do this by launching what's known as a cache poisoning attack on a DNS server on AT&T's network that was serving the Austin, Texas, area. One of BreakingPoint's servers was forwarding DNS (Domain Name System) traffic to the AT&T server, so when it was compromised, so was HD Moore's company."Not his fault - AT&T ran the DNS server that got poisoned. But still, this is the biggest security + irony story since, well, maybe it's the biggest ever.
Slashdot has the story and, as always, top shelf snark. And OBTW, Metasploit rocks, at least if you're a security geek. Not sure if it's a great idea downloading it via a pwned DNS server, tho.
No comments:
Post a Comment