On his blog, Halvar Flake described how an attacker could conduct DNS cache poisoning by overloading the server with requests until a legitimate answer is received. The technique also involves redirecting the name server to an IP address set up by the attacker and the use of “Bailiwick checking.” Matasano Security was already in on the details of the flaw and posted confirmation of Flake’s hypothesis, adding that an attacker with a fast internet connection would only need 10 seconds to carry out such an attack.
Kaminsky, for his part, has declined comment on Flake's speculation but urged DNS operators to patch their servers immediately.
Downloads and Drivers
From the Forums
Subscribe to TechSpot
Receive a weekly update of our best features and tech news you don't want to miss: