By Elinor Mills
Security - CNet News.com
August 21, 2008
A fatal flaw with the DNS (Domain Name System) is being exploited in
Internet attacks and more attacks are likely, the security researcher
who discovered the flaw said on Thursday.
"I do think we are going to see attacks. I think we have been seeing
attacks already going on in the field," said Dan Kaminsky, director of
penetration testing for IOActive, who warned the industry about the DNS
vulnerability nearly five months ago. "We're doing everything we can to
mitigate and reduce its incidence."
Kaminsky mentioned a DNS-related incident with China Netcom (possibly
the incident reported by the ZD Net Zero Day blog ), but said it
wasn't clear that it was due to the vulnerability he found. "There are
other scenarios that I can't, unfortunately, get into," he added.
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!