[dns-operations] Client Side Issues

Ken A ka at pacific.net
Fri Jul 25 15:09:05 UTC 2008


Jon Kibler wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> All,
> 
> Okay, we have been flogging DNS *SERVER* issues to death for the last
> couple of weeks. Now, I would like to switch sides and talk about client
> side issues.
> 
> By default, all windows systems run a service call DNS Client. It is my
> understanding that this is a caching resolver. Is this vulnerable? Has
> Microsoft patched it? (I have never seen a need for this service, so for
> a couple of years now, I have been advising my clients to disable this
> service via a group policy.)
> 
> I have never really spent any time looking at the BIND light weight
> resolver. Is is similar to the Windows DNS Client software? Are there
> vulnerability issues with it?
> 
> I guess these questions really should be more general: What are the
> client side issues to with this vulnerability, what should be done about
> them, and are all the client side resolvers patched? ETCETERA.

MS Patched with MS08-037 to randomize ports.
http://www.microsoft.com/technet/security/Bulletin/MS08-037.mspx
That's the one that broke Zone Alarm.
Ken


> 
> Jon Kibler
> - --
> Jon R. Kibler
> Chief Technical Officer
> Advanced Systems Engineering Technology, Inc.
> Charleston, SC  USA
> o: 843-849-8214
> c: 843-224-2494
> s: 843-564-4224
> 
> My PGP Fingerprint is:
> BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iEYEARECAAYFAkiJ5yIACgkQUVxQRc85QlPF5QCfZdwe2uxw2lY5j7ByuojPI8xO
> xe4AniYUg76l8jUcaJThHfyemBBvm2fr
> =C+ix
> -----END PGP SIGNATURE-----
> 
> 
> 
> 
> ==================================================
> Filtered by: TRUSTEM.COM's Email Filtering Service
> http://www.trustem.com/
> No Spam. No Viruses. Just Good Clean Email.
> 
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.oarci.net
> http://lists.oarci.net/mailman/listinfo/dns-operations


-- 
Ken Anderson
Pacific.Net




More information about the dns-operations mailing list