Sunday, July 13, 2008

DNS vulnerabilities and Sydney IT Security Group


101 posts, yay.


Not really, as I imported all those journal entries from 2003 and before, so it is more.
On family news, Anne is trying to walk, and Geoffrey is in potty training. She is only 9 months old and only crawls when on carpet, but she is stubborn. She sees Geoffrey walk and wants to run after him; she pulls herself up onto the coffee table or kiddie couch and looks around. Heck, she even tries to stand on the spot, which just means she ends up with her bum in the air, her legs straight and her hands stretched down to the ground to steady herself.
I have been going at my new job now for a few weeks and am starting to get the hang of some things. It is a little odd though with all of the people in my team being in a different state than me, and having met none of them other than my boss Jamie, who came up my first week to train me.
I am getting to know the guys in the different groups around me, from technical services, and Infrastructure. We play table tennis on Fridays and I am not the worst one here...YAY.
This is why we run Linux at home (even Billy G has issues with Windows): when you want to install something, there is no need to run a web browser to find all the bits you need, then hunt, hunt, and fill out a form telling them your name, date of birth and pant size. Just either run apt-get install "program name" and it gets all the stuff it needs, or run Synaptic.
Now onto security.
As you may or may not have heard, there was a big update released for basically the whole internet. See here and here for a test of your own DNS.
Basically it boils down to a bad guy being able to put incorrect entries into your ISP's or work's DNS cache that would point you to the wrong site. So instead of going to google.com it could take you to a hacker's version, or whatever. This would also affect email.
Now this kind of thing does happen occasionally, but this was seen as such a big issue (it could basically destroy the internet if unchecked and unpatched) that CERT, who handles these issues, let all the vendors and developers know, giving them time to write a patch for release on the same day. Very, very impressive.
Not only Microsoft but Unix, Linux, BSD, Cisco, Check Point, all of them released a patch for their varied DNS implementations. Yahoo, who uses an older *nix implementation of DNS, BIND 8, managed to simply commit to abandoning it in favour of the newer patched BIND 9.
The question I put forward: is this finally a time of security as an institution? Security how it should be done, globally. Sure, it is still relying on admins at the other end, but with auto updates being the norm, it should be fine. This to me seems a step in the right direction, and I am sure even a couple of years ago this wouldn't have happened. Will this one day lead us to a security utopia free of vulnerabilities and insecurities? No. But it may lead to sharing and assistance cross platform.
Speaking of security, there is talk of an IT Security group being started up in Sydney, and I may be taking the reins. It will be sponsored by Microsoft, but if I take the reins I plan on being vendor neutral, albeit Microsoft has some nice claims to fame, and even with all their foibles and hatred that is flung at them, they do try and do some stuff right. Operating systems are tools; you should use the right tool for the right job.
Peace out all, especially those lovely CERT engineers.
