Threat Level: Infocon green
Internet Storm Center
phpbb and sql errors asp sqlserver odbc sql errors

Today´s Diary

If you have more information or corrections regarding our diary, please share.


DNS Ghost Domains, How I loath you so!

Published: 2012-02-09,
Last Updated: 2012-02-09 19:52:09 UTC
by Richard Porter (Version: 1)
Rate this diary:

1 comment(s)

One of our handlers posted this to our list and I though I would share (thanks Swa). The CVE has concluded that the NDSS Conference presentation of "Ghost Domain Names; Revoked Yet Still Resolvable" [1] to be verifiable but the CVE is protocol drive. The below links will provide more detail. [2]

 

[1] http://www.internetsociety.org/events/ndss-symposium-2012/symposium-program/feb08

[2] https://www.isc.org/software/bind/advisories/cve-2012-1033

 

Richard Porter

--- ISC Handler on Duty

Keywords: CVE DNS ISC
1 comment(s)
Top of page

February 2012 OUCH! - Securing Your Mobile Device Apps http://www.securingthehuman.org/resources/newsletters/ouch#2012
ISC StormCast for Thursday, February 9th 2012 http://isc.sans.edu/podcastdetail.html?id=2314

If you have more information or corrections regarding our diary, please share.

Diary Archive

DateAuthorTitle
2012-02-09 Richard Porter DNS Ghost Domains, How I loath you so!
2012-02-08 Jim Clausing Chrome to stop checking Certificate Revocation List (CRL)?
2012-02-07 Adam Swanger ISC Feature of the Week: Security Dashboard
2012-02-07 Jim Clausing Book Review: Practical Packet Analysis, 2nd ed
2012-02-07 Johannes Ullrich Secure E-Mail Access
2012-02-05 Tony Carothers Cybersecurity Legislation Components
2012-02-04 Scott Fendley Apple Security Advisory 2012-001 v1.1
2012-02-03 Johannes Ullrich Critical PHP bug patched
2012-02-03 Guy Bruneau Sophos 2012 Security Threat Report
2012-02-01 Adam Swanger ISC Feature of the Week: ISC Search
Folder Icon Complete Archive
Search Diaries:

Diary Tagslink arrow

  foca     patch tuesday     smime     ironport     breach     nmap     vmware advisory     certificate     oracle     anonymous     vmware patches     crl     malware     mac os x security update     data breach     oracle patches     email     workaround     scripting stderr     ddos     chrome     dnssec     mac os x     webattacks     0day     patch     windows     dns sinkhole     firefox release     netbios     adobe     adobe black tuesday     wireshark     vulnerabilities     opendlp     book review     password security     holiday tips     html5     advertising     nbns spoofing     maltego     printer     vulnerability     dos     badware     zappos     aspnet     coldfusion     cisco     scam     flex     webserver     pcanywhere     2012     symantec     stratfor     windows 7     javascript     tcpflow     holiday greetings     obfuscation     type a     microsoft     isc     quarterly     gtdl     win32ksys     microsoft msft patch tuesday patches prerelease     whois info     microsoft patch tuesday     cve     stratford     dns     php     firefox     wifi     sophos     isc feature     wps     firefox security advisories     ssl     mailbag     osint     https     java     packet analysis     policy     apple  
site/port/ip search:

ISC Polllink arrow

What security issue concerns you the most this year?

Latest RR Paperslink arrow

What's in a Name: Uncover the Meaning behind Windows Files and Processes

Auditing Windows Environments PowerShell XML output, windows security, ossams

iPhone Backup Files. A Penetration Tester's Treasure

Auditing ASP.NET applications for PCI DSS compliance

Profiling Hackers

World Map

world map

Trends

trend graph

Security News Feeds

InternetStormCenter
SANS Newsbites
SANS @Risk

Diary Archives

DNS Ghost Domains, How I loath you so! - by: Richard Porter (2012-02-09)

Chrome to stop checking Certificate Revocation List (CRL)? - by: Jim Clausing (2012-02-08)

Book Review: Practical Packet Analysis, 2nd ed - by: Jim Clausing (2012-02-07)

View Diary Archives

Search Diaries:

SANS Institute

View our Privacy Policy

Contact Us

Phone: (757) SANS-ISC (726-7472) - Voice Mail Only
Web Contact: handlers@isc.sans.edu
Report Bugs: Sourceforge Project
Debug Info: Browser Debug Info

"The experiences gained in the SANS Technology Institute program have helped me advance in IBM, taking a more public facing role."
- Jerome Radcliffe, SANS Technology Institute Student

"SANS is a 'giving back to the community factory.' SANS encourages and fosters growing security awareness and growing the security community."
- Rob VandenBrink, Alumni of SANS Technology Institute