I’ve written a couple entries over the past weeks regarding a critical bug in the Domain Name System (DNS)—one of the core engines behind a functioning, secure Internet. This bug, if exploited, would have allowed attackers to redirect legitimate Internet traffic to malicious sites and could have destabilized the entire web. Dan Kaminsky, the security researcher who discovered the bug, worked with major DNS software maintainers and various major web sites on the web to put out an unprecedented multi-vendor patch, and many system administrators around the world deserve commendation for testing and applying those patches.
If you’ve been waiting for details (as I have), they’re now available in a downloadable PowerPoint presentation over at Dan Kaminsky’s web site. The bug is as bad (and perhaps even worse) than all the chatter and speculation led us to believe.
Over on Kaminsky’s site you can also check your DNS servers to see if they are secured (which is likely your ISP’s responisibility). Do your part too: run Windows Update (Windows), Software Update (Mac), or apt-get/yum/Update Manager/Pup/whatever (Linux) to make sure your system is up-to-date.