The Grinch Comes Early for BIND Users
[vc_row][vc_column width=”2/3″][vc_column_text]The grinch showed up early for BIND users this year, in the form of two new critical security vulnerabilities that can crash BIND. The two vulnerabilities are: • CVE-2015-8000 • CVE-2015-8461 ISC has released patches of its BIND software that correct the problem. Users of BIND-based appliances from vendors such as Infoblox, Bluecat Networks, […]
When It Rains, It Pours. More BIND Vulnerabilities.
September 2, 2015 was not a good day for BIND users. Two new critical security vulnerabilities were announced today – both of them are remotely exploitable vulnerabilities that crash the server. The two vulnerabilities are: CVE-2015-5986 CVE-2015-5722 ISC has release patches of its BIND software that correct the problem. Users of BIND-based appliances from vendors such […]
Secure64 DNS Products Not Vulnerable to BIND Security Flaw
On July 28, 2015, the Internet Systems Consortium reported a critical security vulnerability in BIND, CVE-2015-5477. This vulnerability, which affects both BIND recursive and authoritative servers, is caused by an error in the handling of TKEY queries, allowing a remote attacker to crash BIND by sending a deliberately constructed query. This vulnerability is considered critical, as it cannot […]
Secure64 SourceT OS not vulnerable to NTP flaws
CERT recently reported two Network Time Protocol (NTP) vulnerabilities (CERT VU#374268 April 7, 2015) . The first one concerns some versions of NTP Project software that will accept packets without authentication digests as if they actually had valid digests attached, and the second one describes a Denial of Service (DoS) scenario in which an attacker […]
More Defenses Against Pseudo Random Subdomain Attacks (PRSD)
This blog post provides three techniques that can be used to protect resolvers against pseudo random subdomain attacks (PRSD).
Don’t drown in the IPv6 address sea
Our Chief Operating Officer, Joe Gersch, recently authored this blog post on managing large numbers of reverse DNS records at our partner, 6connect’s, blog site: http://www.6connect.com/blog/dont-drown-ipv6-address-sea/