SECURITY ALERT: check your DNS servers

Tuesday, July 22nd, 2008

The full details of the infamous DNS vulnerability have been inadvertently disclosed. The post was pulled, but I can still read it in my Vienna database.

The vulnerability is bad, folks. I completely agree with the decision to keep the details secret while vendors patch their DNS servers. The secret is out now, though, so there’s no time to wait. Perform the web-based test of your DNS servers, and switch to different servers if the results are POOR. If you need to switch, one decent option is OpenDNS.

Laptop users should be especially careful, because your ISP changes when you take your computer to different locations. Even if you pass the test at home, you may be vulnerable at the coffee shop. I recommend hard-coding DNS server IP addresses in the Network pane of System Preferences. You might also want to check the DNS settings of any routers you use.
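
One way to confirm that a laptop is really using the hard-coded servers and not ones handed out by the local network (an added example, not part of the original post). The pinned addresses are an assumption (OpenDNS's published resolvers), the function names are hypothetical, and the sample inputs are constructed:

```shell
#!/bin/sh
# Pinned resolvers (assumption: OpenDNS's published addresses; use your own).
PINNED="208.67.222.222 208.67.220.220"

# Constructed sample: `scutil --dns` style output listing only pinned servers.
SAMPLE_HOME='resolver #1
  nameserver[0] : 208.67.222.222
  nameserver[1] : 208.67.220.220
resolver #2
  nameserver[0] : 208.67.222.222'

# Constructed sample: resolv.conf style output after joining another network.
SAMPLE_CAFE='# written by DHCP client
nameserver 192.168.1.1
nameserver 208.67.222.222'

# Read resolver configuration on stdin and print each unique server address.
extract_resolvers() {
    awk '
        # resolv.conf form: "nameserver 192.0.2.1"
        $1 == "nameserver" && NF >= 2 { print $2; next }
        # scutil --dns form: "nameserver[0] : 192.0.2.1"
        $1 ~ /^nameserver\[[0-9]+\]$/ && $2 == ":" && NF >= 3 { print $3 }
    ' | sort -u
}

# Print every resolver in use (stdin) that is missing from the pinned list ($1).
# Returns 0 if all are pinned, 1 if any is not, 2 if no resolver was found.
check_resolvers() {
    pinned=$1
    found=$(extract_resolvers)
    [ -n "$found" ] || return 2
    status=0
    for addr in $found; do
        case " $pinned " in
            *" $addr "*) ;;                 # on the pinned list
            *) echo "$addr"; status=1 ;;    # supplied by something else
        esac
    done
    return $status
}

# On a Mac: scutil --dns | check_resolvers "$PINNED"
# Demo on the constructed sample:
printf '%s\n' "$SAMPLE_CAFE" | check_resolvers "$PINNED" \
    || echo "^ resolver(s) above are not on the pinned list"
```

Any address it prints is a server that the pinned list does not cover and that should be put through the same web-based test.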