[dns-operations] "Cybercrooks exploiting new Windows DNS flaw"
Fergie
fergdawg at netzero.net
Fri Apr 13 20:52:58 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- -- Roland Dobbins <rdobbins at cisco.com> wrote:
>On Apr 13, 2007, at 1:44 PM, Stasiniewicz, Adam wrote:
>
>> But not one of them are running external Windows DNS servers. I am
>> referring to those small and medium size companies who use Windows
>> for their internal and external DNS. As those will be the only
>> people who would make a Windows DNS server Internet accessible
>
>Again, this is an unsupported assertion, as are the other assertions
>about firewalls and about filtering policies.
>
>We simply cannot make such sweeping generalizations (well, we can,
>but their probative value is nil).
>
You probably have already seen this, but for what it's worth:
http://www.us-cert.gov/cas/techalerts/TA07-103A.html
It at least contains good advice about how to disable the
RPC vulnerability until a patch is issued.
- - ferg
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.0 (Build 214)
wj8DBQFGH+2jq1pz9mNUZTMRArBAAKCN4IiSJ/HBMFJG325LWk58Y6lQCQCeP/rE
GTkAY4HCBnL5H87Hsa63No0=
=jV5C
-----END PGP SIGNATURE-----
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/
More information about the dns-operations
mailing list