[vc_row][vc_column width=”2/3″][vc_column_text]We are barely into the new year, and BIND users have more patching to do. Today, the Internet Software Consortium (ISC) announced the availability of patches to fix two critical BIND security vulnerabilities: • CVE-2015-8704 • CVE-2015-8705 Both of these vulnerabilities
[vc_row][vc_column width=”2/3″][vc_column_text]The grinch showed up early for BIND users this year, in the form of two new critical security vulnerabilities that can crash BIND. The two vulnerabilities are: • CVE-2015-8000 • CVE-2015-8461 ISC has released patches of its BIND software that correct the problem. Users of BIND-based appliances from vendors such as Infoblox, Bluecat Networks, […]
September 2, 2015 was not a good day for BIND users. Two new critical security vulnerabilities were announced today – both of them are remotely exploitable vulnerabilities that crash the server. The two vulnerabilities are: CVE-2015-5986 CVE-2015-5722 ISC has release patches of its BIND software that correct the problem. Users of BIND-based appliances from vendors such […]
On July 28, 2015, the Internet Systems Consortium reported a critical security vulnerability in BIND, CVE-2015-5477. This vulnerability, which affects both BIND recursive and authoritative servers, is caused by an error in the handling of TKEY queries, allowing a remote attacker to crash BIND by sending a deliberately constructed query. This vulnerability is considered critical, as it cannot […]
CERT recently reported two Network Time Protocol (NTP) vulnerabilities (CERT VU#374268 April 7, 2015) . The first one concerns some versions of NTP Project software that will accept packets without authentication digests as if they actually had valid digests attached, and the second one describes a Denial of Service (DoS) scenario in which an attacker […]
This blog post provides three techniques that can be used to protect resolvers against pseudo random subdomain attacks (PRSD).
Our Chief Operating Officer, Joe Gersch, recently authored this blog post on managing large numbers of reverse DNS records at our partner, 6connect’s, blog site: http://www.6connect.com/blog/dont-drown-ipv6-address-sea/
Secure64 has confirmed that its DNS Cache product is not vulnerable to the latest BIND Vulnerability bug announced by ISC on December 8, 2014. This BIND bug is categorized as severe and remotely exploitable, and is the 9th such vulnerability in the past 24 months. The announcements describe flaws in the BIND DNS resolver that […]
IP address assignments around the world are handled by the Regional Internet Registries (RIR). In the beginning of May, I had the pleasure to attend and be a speaker at the LACNIC (the Latin American RIR) conference in Cancun, Mexico. My talk about IPv6 and DNS was very well received and I think the audience […]
The Heartbleed flaw in OpenSSL highlights a critical vulnerability in the structure of the Internet: lack of diversity in critical software and hardware that run everything. Use of “free” open source software and commodity hardware enables a lot of applications and services to be delivered inexpensively but also leaves critical infrastructure open to exploitation […]
