Technical Discussion
  >> Security Related Issues


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User AdrianPH
(member) Wed 17-Feb-16 14:27:40
Print Post

Major bug in one of the Internet's core building blocks


[link to this post]
 
http://arstechnica.com/security/2016/02/extremely-se...

UNO FTTC : Synch : 80/20 : Grade A : Download 75.31.Mb/s : Upload 18.71 Mb/s : ping 9 ms
Standard User Lethe
(fountain of knowledge) Wed 17-Feb-16 15:09:01
Print Post

Re: Major bug in one of the Internet's core building blocks


[re: AdrianPH] [link to this post]
 
This is moot. Sure, it's a big deal on the surface, but if you use your ISP DNS (as all should) then no big deal. Just don't let your devices connect to arbitrary DNS servers - and in what context would that happen anyway?

The only other issue is if your DNS server (ISP or HOME) gets hi-jacked to point to the ones that will do this (unlikely).

Sleep tight tonight.

Nick
Standard User bobble_bob
(knowledge is power) Wed 17-Feb-16 15:14:20
Print Post

Re: Major bug in one of the Internet's core building blocks


[re: AdrianPH] [link to this post]
 
The bug has been around since 2008 and not been exploited yet so fair to say its not easy to do


Register (or login) on our website and you will not see this ad.

Standard User AdrianPH
(member) Wed 17-Feb-16 15:54:42
Print Post

Re: Major bug in one of the Internet's core building blocks


[re: bobble_bob] [link to this post]
 
Nobody had seen it before, that doesn't mean it's hard to do.

UNO FTTC : Synch : 80/20 : Grade A : Download 75.31.Mb/s : Upload 18.71 Mb/s : ping 9 ms
Standard User bobble_bob
(knowledge is power) Wed 17-Feb-16 16:07:08
Print Post

Re: Major bug in one of the Internet's core building blocks


[re: AdrianPH] [link to this post]
 
True, but there are people out there that actively look for exploits like this, yet it appears it was discovered by accident.
Standard User Article61
(newbie) Fri 19-Feb-16 17:04:31
Print Post

Re: Major bug in one of the Internet's core building blocks


[re: Lethe] [link to this post]
 
In reply to a post by Lethe:
This is moot. Sure, it's a big deal on the surface, but if you use your ISP DNS (as all should) then no big deal. Just don't let your devices connect to arbitrary DNS servers - and in what context would that happen anyway?

The only other issue is if your DNS server (ISP or HOME) gets hi-jacked to point to the ones that will do this (unlikely).

Sleep tight tonight.

Nick


I think that's an over simplistic view of the issue. There are vast numbers of scripts that have been compiled using GlibC or make calls to GlibC functionality. Sure it's a DNS related issue but lots of scripts rely on DNS functionality and if one of those scripts causes the overflow you're vulnerable to an exploitation. Just think about all those old routers out there that people have never patched or unsupported end of life products with no updates available. Anyone running a public facing server needs to take some sort of proactive measures to mitigate the chances of a successful attack. Updating GlibC with the new patch isn't going to be enough if running scripts were complied with the old version leaving them vulnerable.
Standard User Lethe
(fountain of knowledge) Fri 19-Feb-16 18:43:18
Print Post

Re: Major bug in one of the Internet's core building blocks


[re: Article61] [link to this post]
 
You miss the point. My machine queries the DNS I set (usually my ISP). That then queries up the tier.

How can a hosted DNS malware server that my network doesn't touch can touch me?

The only way I read into this is if you use a compromised DNS server that is using this flaw you will get done - and also the man-in-the-middle attack is so complex, it is totally unlikely in a million years you will get hurt.

It's just moot.

Nick
  Print Thread

Jump to