|
No, I don't really want to get into an argument about whether Dan Kaminsky has found anything new. It seems pretty clear that he's found a new, more efficient way to poison DNS caches or Microsoft/Cisco/ISC (not SANS ISC, but then you knew that) wouldn't have reacted in unison as they did, but we've known that the ID field was too small for something like 15 years and some folks like Dan Bernstein have been recommending using random source ports for about 10 years. In light of all of that noise, however, I was amused to read this Computerworld story about a bug in yacc (ah, the fond memories of my days writing compilers) that traces back to 1975 that was just discovered and fixed.
---Jim I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS Cyber Defence Australia 2022 |
Jim 423 Posts ISC Handler Jul 11th 2008 |
| Thread locked Subscribe |
Jul 11th 2008 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
