  gabtris
join:2007-02-08 Kanata, ON
| Rogers DNS still vulnerable?
I had to go over to my father's house today and set him up onto the OpenDNS servers simply because the Rogers DNS server (and yes, it's the one that was getting auto-configured) was showing the following:
All requests came from the following source port: 50776
Due to events outside our control, details of the vulnerability have been leaked. Please consider using a safe DNS server, such as OpenDNS. Note: Comcast users should not worry.
--------------------------------------------------------------------------------
Requests seen for 73dbf747dd4e.doxdns5.com:
64.71.246.222:50776 TXID=29975
64.71.246.222:50776 TXID=39970
64.71.246.222:50776 TXID=52783
64.71.246.222:50776 TXID=8807
64.71.246.222:50776 TXID=44011
I can't believe that Rogers has not done anything about this since they should have known about the problem for a month now. Hopefully someone here that knows a bit more about Rogers and its service can enlighten me or point out an admin that can be notified.
While it is nice that the Rogers DNS server was not sending all queries out of port 53, it's just as bad to send them out of any single port.
Thanks in advance  |
|
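The check behind the output quoted in the post above can be reproduced by whoever operates the authoritative server that sees the resolver's queries. The Python below is an added example, not part of the original post and not the test page's own code; the verdict strings, the three-query minimum and the constant-step TXID heuristic are assumptions, and the second sample is constructed.

```python
import re

# Lines copied from the checker output quoted in the post above.
ROGERS = """64.71.246.222:50776 TXID=29975
64.71.246.222:50776 TXID=39970
64.71.246.222:50776 TXID=52783
64.71.246.222:50776 TXID=8807
64.71.246.222:50776 TXID=44011"""

# Constructed sample: documentation address and made-up values for a
# resolver that picks a fresh source port for every query.
RANDOMIZED = """192.0.2.53:41873 TXID=1201
192.0.2.53:10422 TXID=60233
192.0.2.53:58110 TXID=30977
192.0.2.53:23764 TXID=9155"""

LINE = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\s+TXID=(\d{1,5})$")


def parse(text):
    """Return (resolver_ip, source_port, txid) tuples; skip malformed lines."""
    rows = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m and int(m[2]) <= 65535 and int(m[3]) <= 65535:
            rows.append((m[1], int(m[2]), int(m[3])))
    return rows


def assess(text):
    """Classify one resolver from the queries an authoritative server saw."""
    rows = parse(text)
    if len(rows) < 3:  # assumed minimum sample size
        return {"verdict": "insufficient data", "ports": set(),
                "predictable_txid": False}
    ports = {port for _, port, _ in rows}
    txids = [txid for _, _, txid in rows]
    # A constant step between consecutive TXIDs (mod 2^16) means a counter.
    steps = {(b - a) % 65536 for a, b in zip(txids, txids[1:])}
    predictable_txid = len(steps) == 1
    if len(ports) == 1:
        verdict = "vulnerable: fixed source port, only the TXID varies"
    elif predictable_txid:
        verdict = "weak: ports vary but the TXID is predictable"
    else:
        verdict = "ok: source port and TXID both vary"
    return {"verdict": verdict, "ports": ports,
            "predictable_txid": predictable_txid}
```

A handful of queries is enough to show a fixed port, but not enough to measure how large a randomized port pool is.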
  anon242342
@rogers.com
| They already know about it. But you have to know the Rogers management structure to understand why it takes so long to get anything done.
For a small agile company it's a quick fix, for a big dinosaur like Rogers expect multiple levels of approvals and testing and more approvals before anything gets done.
|
|
  gabtris
join:2007-02-08 Kanata, ON | Well... Given the number of service providers that have already patched their systems and how much larger they are (e.g. Comcast), Rogers' performance is absolutely pathetic if they haven't patched everything up yet. |
|
  name untaken
@rogers.com | reply to gabtris It's really not something to get worried about, people are way overreacting here, the odds of someone exploiting the vulnerability are 1 out of 65534 x number of DNS servers they run. My guesstimate would be around 20 servers. |
|
  gabtris
join:2007-02-08 Kanata, ON
| reply to gabtris If I were you I would go and read up about the presentation that Dan Kaminsky gave at Black Hat last week and THEN tell me it's nothing to get worried about. And I don't believe the number of DNS servers they run has anything to do with it as you only need to poison the cache on 1 server in order to see returns on your hacking.
And 1 in 65534 is not something I want to take a chance with since the avg hacker can send 65534 packets in a very short amount of time... |
|