Ars Technica has posted a great overview of the DNS Exploit I’ve been talking about for the last week or so. Use doxpara to test your DNS provider.
DNS Exploit, fully explained
Reply
Category Archives: etcetera
DNS Exploit now in the wild
You had your chance, but now the previously reported DNS vulnerability has been disclosed publicly, more or less. Dan put up this cryptic post, and the comments basically spell it out. The exploit is known, and it can be performed in less than 10 seconds. More here. Patch now!
No, really. Patch your DNS.
“First, take the advisory seriously—we’re not just a bunch of n00b alarmists, if we tell you your DNS house is on fire, and we hand you a fire hose, take it.” Sage advice from Paul Vixie on the recent DNS Cache Poisoning exploit. Many systems remain unpatched, even though this security vunerability is critical and should be addressed immediately.
Multi-Vendor patch addresses major DNS exploit
In a rare show of cooperative effort, multiple vendors released a patch today to their DNS implementations, the underlying technology behind connecting domain names to the IP addresses they live on. DNS Admins are urged to patch the systems in their charge, immediately . Securosis has the full story. Here’s a tool to test to see if you’re at risk to the Cache Poisoning exploit.
Interestingly enough, only one DNS implementation was not affected: DJBDNS.
Blog Orlando dates announced
BlogOrlando is September 25-27th, 2008 this year.
iGoogle goes Social
From the “could be a big deal” department: iGoogle will be rolling out social features to its personalized home page service. However, its unclear whether it will amount to much more than mixing some gmail features, including google talk chat, with its increasingly popular gadgets. PC Mag has more. Where’s the open social integration?
I’m in UR internetz, stealin all UR cultures
In Andrew Keen‘s book, The Cult of the Amateur… “makes the case that the internet, particularly Web 2.0 with all of it’s socialization and democratization, is making us all idiots.” Read a passionate review of it here. Audible has it and I will surely be spending this month’s credit on it.
followinger
Need to make snap decision to follow someone back on twitter? Then let followinger do the hard work of figuring out if they are a lamer, a spammer, or another fly by nighter. Follow followinger, then send a direct message with the username of the person you are interested in, and they send back some useful stats, such as date of join, number of tweets, and ratio of followers to followings. Interesting tool, for sure.
Using Awk to speed up your Drupal Workflow
Ryan Price, the Drupal hacker behind DrupalEasy.com, just posted an excellent article about using awk to speed up your workflow when downloading and extracting multiple Drupal modules. Its worth a look just to pick up some command line wizardry, whether you use Drupal or not.
Friends don’t let friends use TypePad
Friends don’t let friends use TypePad
The title says it all. A pretty lively discussion about WordPress vs. TypePad. It even riled a TypePad VP up so much that he made an a$$ of himself in the comments. WordPress FTW.