DNS excitement! Panic at the office!

Well, not really panic, just your usual vulnerability patching day at the office.

When I saw Dan Kaminsky demonstrate voice over DNS, I was convinced that he dreams in BIND source code.  It was a neat demonstration.

Now he has uncovered another vulnerability in BIND regarding UDP source port prediction. It’s causing some excitement in the workplace as to what the impact could be and how soon our vendors can release patches.

I’ve had to do some explaining as to what it means; see Matasano’s blog for more information. Thomas Ptacek sums it up really well here and states the impact more here.

You’ve got to love someone who can explain the seriousness using a movie quote from Jack Black.