DNSstuff DNS Vulnerability Check

DNSstuff.com (www.dnsstuff.com) has announced DNS Vulnerability Check, an enhanced tool that verifies whether your DNS servers are vulnerable to the critical DNS flaw discovered earlier this year by Dan Kaminsky, Director of Penetration Testing for IOActive. The flaw allows an attacker to poison a DNS server cache by injecting it with forged data -- making it such a significant flaw that US- CERT, the government's cyber security arm, and 80 vendors including Nominum, Microsoft and Cisco, coordinated together to issue a patch. You may run this tool free at www.dnsstuff.com starting Wednesday, July 16, 2008.

"This is about as serious as you can get," said Dan Kaminsky. "DNSstuff offered to help out and enhance this tool to better validate any DNS server. It's a team effort, no doubt."

"This is significant but it's under control, now we just need users to deploy the patches that have been built," said Paul D. Parisi, CTO of DNSstuff.com. "This won't be the last flaw discovered, but this is definitely one of the most critical. It's no secret that DNS is part of almost all communications on the Internet and that it is being pushed to its limits. This is why DNSstuff.com is focused on how to best manage DNS in order to avoid major email and web problems. DNSreport is the most comprehensive DNS health check available to validate your configuration. We quickly pinpoint the problem and provide steps to fix it."

"This particular DNS attack is without a doubt the most dangerous discovered in the DNS to date," said Paul Mockapetris, Inventor of DNS. "It is imperative that IT managers for organizations Worldwide update their DNS software right away. The update on caching servers' perimeters will ensure optimal performance, and the new tool provided by DNSstuff.com is just what companies need to stay on top of their DNS, and prevent them from becoming victims of damaging exploits such as the one discovered by Kaminsky."