DNS exploit code released by Metasploit founder

Experts say DNS attacks against unpatched servers are imminent.

Metasploit Project founder H.D. Moore released the exploit for the recent DNS cache-poisoning vulnerability via...

his Metasploit Framework.

The code was released Wednesday, a day after noted reverse engineer Halvar Flake successfully guessed the details of the flaw. Flake published his findings on his blog, opening up a flood of questions from researchers about the controlled release of the flaw, and the one month delay in announcing the details.

Security researcher Dan Kaminsky announced the discovery of the flaw July 8 when DNS vendors rallied to conduct a massive coordinated patch release. Kaminsky said he wouldn't reveal details of the flaw until his Black Hat presentation in August. Keeping the details a secret would give IT administrators time to deploy the patch, he said.

Experts say that releasing the exploit code via Metasploit almost assures that attacks will take place. The Metasploit Framework is a tool used to conduct security vulnerability research. It allows security pros to test their systems without having to code their own exploits.

A successful DNS attack could happen in seconds. The technique involves overloading the server with requests until a legitimate answer is received. An attacker must redirect the name server to a bogus IP address and dupe the server into believing that the queried domain is legit.

On his Doxpara Research blog, Kaminsky warned administrators to immediately patch their systems.

Dig Deeper on Emerging Information Security Threats

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close