1 |
The recently released (early july) advisory on the DNS exploits |
2 |
discovered earlier this year have caused a bit of stir on the |
3 |
BIND mailing lists, and rightly so. Everybody on board with this one? |
4 |
|
5 |
CERT Bulletin: |
6 |
|
7 |
http://www.kb.cert.org/vuls/id/800113 |
8 |
|
9 |
Dan Kiersky's own description, and web-based nameserver checker: |
10 |
|
11 |
http://www.doxpara.com/ |
12 |
|
13 |
Alternate web-based nameserver checker (recommended by me! ) |
14 |
|
15 |
https://www.dns-oarc.net/oarc/services/dnsentropy |
16 |
|
17 |
If your nameservers aren't updated, do so! If your ISP's nameservers |
18 |
aren't updated, hound them relentlessly until they are! This is the |
19 |
only way we can all protect the validity of our clients and our own |
20 |
data. |