Home > Security, Technology > The DNS Flaw

The DNS Flaw

July 24, 2008 justisengard Leave a comment Go to comments

Evidently there is a flaw or bug in all DNS caching servers that is really simple and has not been patched.

This?! This is the DNS flaw?

The above Infoworld blog is where I initially found out about this. Then I move the the link in the article to Poor DNS blog post of someone who has been doing testing. Checkout what he found, but here is the latest list of vulnerable DNS servers.

Here is the wall of shame so far. These are the DNS servers that I
tested using dig and that returned a “POOR” result (indicating that
they are vulnerable):

  1. 4.2.2.1 — Verizon (Level3) [Update: Reports 'FAIR' on 2008-07-24]
  2. 4.2.2.2 — Verizon (Level3) [Update: Reports 'FAIR' on 2008-07-24]
  3. 4.2.2.3 — Verizon (Level3) [Update: Reports 'FAIR' on 2008-07-24]
  4. 4.2.2.4 — Verizon (Level3) [Update: Reports 'FAIR' on 2008-07-24]
  5. 4.2.2.5 — Verizon (Level3) [Update: Reports 'FAIR' on 2008-07-24]
  6. 4.2.2.6 — Verizon (Level3) [Update: Reports 'FAIR' on 2008-07-24]
  7. 24.113.32.29 — Wave Broadband [Update: Still reports 'POOR' as of 2008-07-24]
  8. 24.113.32.30 — Wave Broadband [Update: Still reports 'POOR' as of 2008-07-24]
  9. 24.48.217.226 — Adelphia (Comcast RoadRunner) [Update: Still reports 'POOR' as of 2008-07-24]
  10. 24.48.217.227 — Adelphia (Comcast RoadRunner) [Update: Still reports 'POOR' as of 2008-07-24]
  11. 67.21.13.2 — Adelphia (Comcast RoadRunner) [Update: Still reports 'POOR' as of 2008-07-24]
  12. 67.21.13.4 — Adelphia (Comcast RoadRunner) [Update: Still reports 'POOR' as of 2008-07-24]
  13. 68.168.1.42 — Adelphia (Comcast) [Update: No longer returns results]
  14. 68.168.1.46 — Adelphia (Comcast) [Update: No longer returns results]
  15. 68.87.64.196 — Comcast [Update: Still reports 'POOR' as of 2008-07-24]
  16. 68.87.66.196 — Comcast [Update: Still reports 'POOR' as of 2008-07-24]
  17. 68.87.85.98 — Comcast [Update: Still reports 'POOR' as of 2008-07-24]
  18. 68.87.96.3 — Comcast [Update: Reports 'GOOD' as of 2008-07-24]
  19. 68.87.96.4 — Comcast [Update: Reports 'GOOD' as of 2008-07-24]
  20. 68.94.156.1 — SBC/AT&T [Update: Reports 'GOOD' as of 2008-07-24]
  21. 68.94.157.1 — SBC/AT&T [Update: Reports 'GOOD' as of 2008-07-24]
  22. 194.72.9.38 — BTInternet [Update: Still reports 'POOR' as of 2008-07-24]
  23. 199.2.252.10 — Sprintlink [Update: Still reports 'POOR' as of 2008-07-24]
  24. 202.188.1.5 — Tmnet Streamyx [Update: Still reports 'POOR' as of 2008-07-24]
  25. 202.27.156.72 — Xtra (New Zealand) [Update: Still reports 'POOR' as of 2008-07-24]
  26. 202.27.158.40 — Xtra (New Zealand) [Update: Still reports 'POOR' as of 2008-07-24]
  27. 204.117.214.10 — Sprintlink [Update: Still reports 'POOR' as of 2008-07-24]
  28. 204.97.212.10 — Sprintlink [Update: Still reports 'POOR' as of 2008-07-24]
  29. 205.152.37.23 — Bellsouth [Update: Still reports 'POOR' as of 2008-07-24]
  30. 207.69.188.186 — Earthlink [Update: Reports 'GOOD' as of 2008-07-24]
  31. 207.69.188.187 — Earthlink [Update: Reports 'GOOD' as of 2008-07-24]
  32. 209.55.0.110 — Suddenlink [Update: Reports 'GOOD' as of 2008-07-24]
  33. 209.55.1.220 — Suddenlink [Update: Reports 'GOOD' as of 2008-07-24]

No TimeWarner/RoadRunner thankfully.


Categories: Security, Technology Tags: , ,