Just a note that more vulnerabilities have been discovered that will require another round of patching. Infoblox have released a new version of NIOS to address these and other vendors are publishing patches as I write this. The CVE’s are summarised below: CVE–2016–2088: A response containing multiple DNS cookies causes servers with cookie support enabled […]
posted on March 10, 2016 by
Leave a Comment
CVE-2016-1285, CVE-2016-1286 and CVE-2016-2088 vulnerabilities
posted on August 5, 2015 by
CVE-2015-5477: Sorry, you will need to patch if you’re running BIND!
We don’t normally get too involved with discussing or publishing details about bugs and patches for BIND, however due to the severity of CVE-2015-5477, it has prompted a couple of customers to email me directly who I think just wanted a second opinion. Basically, yes, you do have to patch BIND! Unfortunately, the news from […]
posted on November 18, 2013 by
Infoblox Introduces a New Defense Against Advanced Persistent Threats
Infoblox has introduced ‘The Infoblox DNS Firewall – FireEye Adapter‘, bringing together the power of the Infoblox DNS Firewall and the malware protection system from FireEye to help organizations protect themselves against Advanced Persistent Threats (APTs). Today, enterprise networks are under increasing attack by APTs, which leverage stealth and work over a long period of […]
posted on March 27, 2013 by
The biggest DDoS attack in history, all due to DNS
There’s been a lot of talk today about a massive DDoS attack that has been running for the past week or so. It has used DNS amplification in order to create a 300Gbps storm of traffic aimed at Spamhaus, the anti-spam site that distributes blacklists of known sites responsible for sending spam email. What is incredible is the […]
posted on January 25, 2013 by
CVE-2012-5689: BIND 9 with DNS64 enabled can unexpectedly terminate when resolving domains in RPZ
ISC BIND DNS 9.8.x through 9.8.4-P1 and 9.9.x through 9.9.2-P1, in certain configurations involving DNS64 with a Response Policy Zone that lacks an AAAA rewrite rule, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query for an AAAA record. Please check the ISC knowledgebase for further information […]