Tag Archive for 'software'

DNS Exploit now in the wild

Published
by
Eric Marden
on July 24, 2008
in etcetera
. Comments

You had your chance, but now the previously reported DNS vulnerability has been disclosed publicly, more or less. Dan put up this cryptic post, and the comments basically spell it out. The exploit is known, and it can be performed in less than 10 seconds. More here. Patch now!

Hello There! Thank you for visiting my site.

This is the professional blog of Eric Marden, a veteran web developer, entrepreneur, and inspirational speaker.

If you're new here, please subscribe to my RSS feed. You'll get a blend of tech news, analysis, inspirational essays, and much more. Subscribe today.

WordPress for iPhone released

Published
by
Eric Marden
on July 22, 2008
in announcements
. Comments

The WordPress for iPhone application was recently released. It’s free and native, and so far the general consensus is that it’s nice but still has some kinks to work out. Indeed, I typo’d the password when setting this blog up in it and was presented with this broken screen:

photo

No, really. Patch your DNS.

Published
by
Eric Marden
on July 16, 2008
in etcetera
. Comments

“First, take the advisory seriously—we’re not just a bunch of n00b alarmists, if we tell you your DNS house is on fire, and we hand you a fire hose, take it.” Sage advice from Paul Vixie on the recent DNS Cache Poisoning exploit. Many systems remain unpatched, even though this security vunerability is critical and should be addressed immediately.

WordPress 2.6

Published
by
Eric Marden
on July 14, 2008
in announcements
. Comments

So many tasty features, that I’ll just the video do the talking.

Multi-Vendor patch addresses major DNS exploit

Published
by
Eric Marden
on July 8, 2008
in etcetera
. Comments

In a rare show of cooperative effort, multiple vendors released a patch today to their DNS implementations, the underlying technology behind connecting domain names to the IP addresses they live on. DNS Admins are urged to patch the systems in their charge, immediately . Securosis has the full story. Here’s a tool to test to see if you’re at risk to the Cache Poisoning exploit.

Interestingly enough, only one DNS implementation was not affected: DJBDNS.