TKJunkMail
Enjoy the sun
Premium
join:2002-03-03
Avalon, NJ
 ·Sprint Mobile Broa..
 ·Comcast
| reply to shopkins
Re: Quick Responses - Teksavvy
said by shopkins  :Proof as to why Teksavvy is a great ISP - we posted in their forum on DSLR yesterday and by midnight they had applied the patches. That is service ! Better that the problem was avoided all together like the OpenDNS service did. If you used OpenDNS for your DNS servers you never were exposed at all.
More info on this security issue here in the BBR Security forum: »Internet flaw could let hackers take over the Web
--
My BLOG .. .. Internet News .. .. My Web Page |
|
shopkins
join:2008-05-23
Nepean, ON
 ·TekSavvy Solutions..
·Bell Sympatico
| said by TKJunkMail :Better that the problem was avoided all together like the OpenDNS service did. If you used OpenDNS for your DNS servers you never were exposed at all. More info on this security issue here in the BBR Security forum: » Internet flaw could let hackers take over the Web True - apparently the potential exploit of the flaw has been known for a while (recall reading a comment that the DNS system has been known to be broken for a while). OpenDNS is a good solution for someone with some knowledge but I am pretty sure that the big ISP's (Bell, Telus & Rogers in Canada) would not pre-configure their service to use someone else's DNS. And 99% of internet users would never even want to fiddle with those setting... unlike those of us here on DSLR that have a higher comfort level with these changes.
Unsure exactly what TekSavvy did to patch their system but I would guess (since they said that they are not on an MS system) that they upgraded their BIND from v8 to v9. But that is pure speculation because I can honestly say that I do not know what that last sentence implies wrt ease of an upgrade  |
|
Rob
In Deo speramus, God Bless the USA
Premium
join:2001-08-25
Kendall, FL
·Comcast
1 edit | reply to TKJunkMail
said by TKJunkMail :said by shopkins :Proof as to why Teksavvy is a great ISP - we posted in their forum on DSLR yesterday and by midnight they had applied the patches. That is service ! Better that the problem was avoided all together like the OpenDNS service did. If you used OpenDNS for your DNS servers you never were exposed at all. More info on this security issue here in the BBR Security forum: » Internet flaw could let hackers take over the Web Not to take credit away from OpenDNS, but shopkins is referring to an ISP.
When was the last time you saw an ISP be so proactive and respond so quickly to these type of issues? I know I haven't. It's good to see TekSavvy be so quick to respond and update their systems - high five to them. |
|
en102
Canadian, eh?
join:2001-01-26
Valencia, CA | DSL Extreme has been typically quick to respond.. however, they also did attempt to install Zone finder once.
--
Canada = Hollywood North |
|
NetAdmin
CCNA
join:2008-05-22
| reply to TKJunkMail
said by TKJunkMail :Better that the problem was avoided all together like the OpenDNS service did. That's because OpenDNS's systems uses a non-standard, in-house product for their DNS services.
--
---
Over ten plus years of carrying The Clue Bat... |
|
dvd536
as Mr. Pink as they come
Premium
join:2001-04-27
Phoenix, AZ | is there a PoC somewhere you can test your providers servers at? |
|
NetAdmin
CCNA
join:2008-05-22
| said by dvd536 :is there a PoC somewhere you can test your providers servers at? There is not one listed in the CERT advisories and I haven't seen anything on NANOG. The CERT advisory does give a list of affected products at the bottom of the notice:
»www.kb.cert.org/vuls/id/800113
--
---
Over ten plus years of carrying The Clue Bat... |
|
sporkme
drop the crantini and move it, sister
Premium,MVM
join:2000-07-01
Morristown, NJ
·Optimum Online
| reply to shopkins
said by shopkins :True - apparently the potential exploit of the flaw has been known for a while (recall reading a comment that the DNS system has been known to be broken for a while). Sometimes the nutjobs are 100% right:
»cr.yp.to/djbdns/forgery-cost.txt |
|
