Is your DNS secure? Not much you can do anyway!

With the patch for the DNS exploit (US-CERT’s Vulnerability Note VU#800113 [3]) being rolled out, The Register reports[1] of users being redirected to fake google sites.
At the end of the article there are two test sites. I tried both tests and both had good news. The Uni.’s domains check out to have a GREAT (in green) source port randomness and GREAT transaction ID randomness.

1. tested 2. tested

At least I won’t be getting any dodgy ad-based obscene material in my searches for journal articles and conference papers.

Don’t forget to test your ISP: https://www.dns-oarc.net/oarc/services/dnsentropy , Keep an eye out if they are vulnerable and tell us the results.

Update: Sure you could change your DNS entry and have your requests directed to OpenDNS. That is up to you, and how paranoid you are.

Links Used:
[1] theregister.co.uk – Black hats attack gaping DNS hole
http://www.theregister.co.uk/2008/07/31/dns_cache_poisoning_goes_wild/

[2] DNS-OARC – Web-based DNS Randomness Test
https://www.dns-oarc.net/oarc/services/dnsentropy

[3] US-CERT’s Vulnerability Note VU#800113 – http://www.kb.cert.org/vuls/id/800113

This entry was posted in Uncategorized. Bookmark the permalink.

One Response to Is your DNS secure? Not much you can do anyway!

  1. Kosta Xynos says:

    I tested the free wifi access at Hoffi Coffi and it uses OpenDNS which clears as great in both areas.

Leave a Reply

Your email address will not be published. Required fields are marked *