<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] Vixies vixens make big boo boo on successful Russian DNS hack
- To: Ga <ga@xxxxxxxxxxxxxx>
- Subject: Re: [ga] Vixies vixens make big boo boo on successful Russian DNS hack
- From: "Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>
- Date: Sun, 10 Aug 2008 21:58:55 -0700
Dr. Joe and all,
As you know, I know what you mean vis a vi Palmer. I
routinely delete his posts. I shall not add spice to his
goulash. I know you Joe, so even at times we may not
always agree fully, I always consider your thoughts carefully
and fully before commenting one way of another. I also know
that you are a very knowledgeable person in various areas of
expertise in the IT arena. Like myself, raw politics is not
your plate of caviare.
Joe Baptista wrote:
>
>
> On Sun, Aug 10, 2008 at 9:54 PM, Jeffrey A.
> Williams <jwkckid1@xxxxxxxxxxxxx> wrote:
>
> Well your very welcome indeed! >:) After all what is a
> meal,
> if not with the proper spice to enhance properly the savory
> taste
> eh? Unless of course that meal is best served cold... Food
> for
> thought prhaps? You be the judge.
>
>
> Indeed. Sometimes a chilly affair is delicious. But this one I think
> I would prefer spicy hot.
>
> Have you noticed the recent appeals to my person from one Thomas
> Baxter (a.k.a. John Palmer). My fellow monitor and chair in their
> silence don't seem to mind if we take the group into a brief encounter
> with libel and slander. They are reminded if they have concerns they
> should be addressed by the three of us in private first.
>
> I think I should reply but was hoping for one more appeal. I get a
> kick out of Palmers attempts to libel and slander me on the GA. But i
> think I'll continue my silence until Palmer really starts squealing.
>
> What do you think. Have we got game?
>
> regards
> joe baptista
>
>
>
>
> Joe Baptista wrote:
>
> >
> >
> > On Sun, Aug 10, 2008 at 3:12 AM, Jeffrey A.
> > Williams <jwkckid1@xxxxxxxxxxxxx> wrote:
> >
> >
> > Dr. Joe and all,
> >
> > Thanks for also saving/archiving the original story.
>
> > History if
> > saved in this manner can never be truthfully
> revised. BTW,
> > I
> > and 200 odd other or our members also archived this
> story
> > including all metadata for forensics purposes as well
> if
> > needed
> > in the future for legal purposes. I hope SANS will
> also be
> > covering it as well as did NetworkWorld.
> >
> >
> > Your a gem Jeff, if not a joy to add flavour to our
> gatherings.
> >
> > cheers
> > joe baptista
> >
> >
> >
> >
> > FWIW, it may be time to keep a closer watch on
> Circleid,
> > which I have also written for on occasion. Yellow
> > journalism
> > is not a good thing...
> >
> > Joe Baptista wrote:
> >
> > >
> > > The news story below was first published on
> CircleID. It
> > has since
> > > been yanked and is no where to be found on
> CircleID.
> > Maybe we are
> > > witnessing a bit of history revision. This makes
> me sad
> > because
> > > CircleID was a publication I once wrote for. In
> fact I
> > was one of the
> > > first paid writer for the organization. Probably
> the only
> > one at the
> > > time. And it is sad to see revision at an
> organization I
> > was once
> > > associated with.
> > >
> > > However it is understandable considering Vixie, the
> sacred
> > cow of DNS,
> > > made such a stupid and silly statement in the
> article.
> > >
> > > Basically an internet researcher in Russia was able
> to
> > break the Vixie
> > > patch and poison a servers cache after some 10
> hours,
> > billions of
> > > connections over a gigabit connection. Vixies
> response
> > was "before
> > > somebody gets all excited about it let's be clear
> that it
> > takes two
> > > billion packets on average to defeat UDP port
> > randomization, which in
> > > this case was a fully utilized gigabit Internet
> connection
> > for a
> > > period of ten hours." and proceeded to draw
> parallels
> > that the level
> > > of risk was reasonably low because of this
> > rationalization.
> > >
> > > I think sometime Vixie lives in the dark ages of
> the net,
> > when
> > > everything was low bandwidth and script kiddies
> were a
> > novelty.
> > > Indeed Polyakov, the Russian researcher, should be
> > congratulated for
> > > his success in this attack considering the poor
> russian
> > was using such
> > > limited resources.
> > >
> > > Unlike script kiddies or real internet criminals
> Polyakov
> > did not have
> > > the resources required, being hundreds of thousands
> of
> > computers
> > > connected through a maze of IRC botnets on hundreds
> of
> > thousands of
> > > both DSL and gigabit connections to conduct a
> proper
> > attack. Poor man
> > > had to do it with one computer and one high speed
> internet
> > link. If
> > > he had better resources - like the kiddies - he
> could
> > probably do it
> > > in much less time - 10 - 20 minutes?
> > >
> > > Under these circumstances I'm not surprised the
> story was
> > yanked. The
> > > quote makes Vixie look like an idiot.
> > >
> > > In any case - here is the original story no longer
> > published at
> > > CircleID.
> > >
> > >
> > > Latest news postings on CircleID
> > > URL: http://www.circleid.com/news/
> > > Updated: 10 hours 46 min ago
> > >
> > > Emergency DNS Patch Still Vulnerable, Proves
> Russian
> > Physicist
> > >
> > > 10 hours 19 min ago
> > > A Russian physicist has been able to successfully
> poison
> > the latest
> > > BIND patch with fully randomized ports. In other
> words,
> > the emergency
> > > fix put in place to patch the Domain Name System
> (DNS)
> > vulnerability
> > > for BIND, Internet's most popular DNS software, has
> been
> > demonstrated
> > > to be vulnerable?and still exploitable by
> criminals.
> > >
> > > Evgeniy Polyakov from Moscow, Russia in a blog post
> today,
> > has shown
> > > how using two fairly powerful computers and a fast
> > broadband
> > > connection, one could successfully attack the
> patched DNS
> > server in
> > > less than 10 hours. With a fast connection, "any
> trojaned
> > machine can
> > > poison your DNS during one night" says Polyakov in
> his
> > blog post.
> > >
> > > As demonstrated by security expert, Dan Kaminsky on
>
> > Wednesday at the
> > > Black Hat security conference, the vulnerability,
> if
> > exploited by
> > > criminal, could be detrimental to the Web as well
> as
> > services such as
> > > email.
> > >
> > > Paul Vixie, president of the Internet Systems
> Consortium
> > (ISC), the
> > > organization in charge of maintaining the BIND
> software
> > has verified
> > > that Polyakov's exploit looks real. However "before
>
> > somebody gets all
> > > excited about it," Vixie says, "let's be clear that
> it
> > takes two
> > > billion packets on average to defeat UDP port
> > randomization, which in
> > > this case was a fully utilized gigabit Internet
> connection
> > for a
> > > period of ten hours." In other words, the
> probability of a
> > successful
> > > attack is fairly minimal. On the other hand, in the
> case
> > of an
> > > unpatched server, an attack was "narrowed down to
> six
> > seconds," Vixie
> > > noted.
> > >
> > > In the long term, Vixie says "we'll go on improving
> our
> > forgery
> > > resilience, as will every recursive DNS
> implementor, while
> > we continue
> > > pushing DNSSEC as the ultimate long term solution
> to the
> > entire
> > > forgery problem including this off-path-attacker
> problem."
> >
> > >
> > > More under: DNS, DNSSEC, Security
> > > Categories: Net coverage
> > >
> > > --
> > > Joe Baptista
> > > www.publicroot.org
> > > PublicRoot Consortium
> > >
> >
> ----------------------------------------------------------------
>
> >
> > > The future of the Internet is Open, Transparent,
> > Inclusive,
> > > Representative & Accountable to the Internet
> community
> > @large.
> > >
> >
> ----------------------------------------------------------------
>
> >
> > > Office: +1 (360) 526-6077 (extension 052)
> > > Fax: +1 (509) 479-0084
> > >
> > >
> > Regards,
> >
> > Spokesman for INEGroup LLA. - (Over 281k
> > members/stakeholders strong!)
> > "Obedience of the law is the greatest freedom" -
> > Abraham Lincoln
> >
> > "Credit should go with the performance of duty and
> not with
> > what is
> > very often the accident of glory" - Theodore
> Roosevelt
> >
> > "If the probability be called P; the injury, L; and
> the
> > burden, B;
> > liability depends upon whether B is less than L
> multiplied
> > by
> > P: i.e., whether B is less than PL."
> > United States v. Carroll Towing (159 F.2d 169 [2d
> Cir.
> > 1947]
> > =====
> >
> =========================================================
> > Updated 1/26/04
> > CSO/DIR. Internet Network Eng. SR. Eng. Network data
> > security IDNS.
> > div. of Information Network Eng. INEG. INC.
> > ABA member in good standing member ID 01257402 E-Mail
>
> > jwkckid1@xxxxxxxxxxxxx
> > My Phone: 214-244-4827
> >
> >
> >
> >
> >
> > --
> > Joe Baptista
> > www.publicroot.org
> > PublicRoot Consortium
> >
> ----------------------------------------------------------------
>
> > The future of the Internet is Open, Transparent,
> Inclusive,
> > Representative & Accountable to the Internet community
> @large.
> >
> ----------------------------------------------------------------
>
> > Office: +1 (360) 526-6077 (extension 052)
> > Fax: +1 (509) 479-0084
> >
> > Regards,
> >
> > Spokesman for INEGroup LLA. - (Over 281k
> members/stakeholders strong!)
> >
> > "Obedience of the law is the greatest freedom" -
> > Abraham Lincoln
> >
> > "Credit should go with the performance of duty and not
> with what is
> > very often the accident of glory" - Theodore Roosevelt
> >
> > "If the probability be called P; the injury, L; and the
> burden, B;
> > liability depends upon whether B is less than L multiplied
> by
> > P: i.e., whether B is less than PL."
> > United States v. Carroll Towing (159 F.2d 169 [2d Cir.
> 1947]
> >
> ===============================================================
>
> > Updated 1/26/04
> > CSO/DIR. Internet Network Eng. SR. Eng. Network data
> security IDNS.
> > div. of Information Network Eng. INEG. INC.
> > ABA member in good standing member ID 01257402 E-Mail
> > jwkckid1@xxxxxxxxxxxxx
> > My Phone: 214-244-4827
> >
>
>
>
>
>
> --
> Joe Baptista
> www.publicroot.org
> PublicRoot Consortium
> ----------------------------------------------------------------
> The future of the Internet is Open, Transparent, Inclusive,
> Representative & Accountable to the Internet community @large.
> ----------------------------------------------------------------
> Office: +1 (360) 526-6077 (extension 052)
> Fax: +1 (509) 479-0084
>
>
Regards,
Spokesman for INEGroup LLA. - (Over 281k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
Abraham Lincoln
"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt
"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng. INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@xxxxxxxxxxxxx
My Phone: 214-244-4827
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|