[LUG.ro Mix] URGENT: The cat is out of the bag. DNS Problem.

Mar Jul 22 00:06:16 ART 2008

Señores, al parecer y según lo que indica Dan Kaminsky
(http://www.doxpara.com/?p=1176), el momento de actualizar los dns IS
NOW
El titulo del post 13>0 parece hacer referencia al día de publicación
(el 8 de Julio) y 13 días después, el 21 de Julio, es decir ayer.
Además de esto, lo que dice el post, es bastante.

Patch.  Today.  Now. Yes, stay late.  Yes, forward to OpenDNS if you
have to.  (They're ready for your traffic.)  Thank you to the many of
you who already have.

Y es que al parecer los datos sobre el error de los DNS ya están dando
vueltas por lo que se espera un sploit en breve.

Así que como indica el mismo Dan, si es necesario, hagan forward a OpenDNS.

Y aquí viene un problema, al día de hoy, y sobre varios servidores de
DNS de proveedores de internet en argentina que no han actualizado,
estos son los resultados:

Ciudad Internet:

Your name server, at 200.42.0.108, appears vulnerable to DNS Cache Poisoning.

All requests came from the following source port: 57639

Do not be concerned at this time. IT administrators have only recently
been apprised of this issue, and should have some time to safely
evaluate and deploy a fix.
Requests seen for a6a88afb4a16.toorrr.com:
200.42.0.108:57639 TXID=13136
200.42.0.108:57639 TXID=63683
200.42.0.108:57639 TXID=50088
200.42.0.108:57639 TXID=11407
200.42.0.108:57639 TXID=28809

Your name server, at 200.42.0.109, appears vulnerable to DNS Cache Poisoning.

All requests came from the following source port: 4585

Do not be concerned at this time. IT administrators have only recently
been apprised of this issue, and should have some time to safely
evaluate and deploy a fix.
Requests seen for 77b4686dfb87.toorrr.com:
200.42.0.109:4585 TXID=25657
200.42.0.109:4585 TXID=28474
200.42.0.109:4585 TXID=4147
200.42.0.109:4585 TXID=24751
200.42.0.109:4585 TXID=65215

Datamarkets

Your name server, at 200.32.3.129, appears vulnerable to DNS Cache Poisoning.

All requests came from the following source port: 4005

Do not be concerned at this time. IT administrators have only recently
been apprised of this issue, and should have some time to safely
evaluate and deploy a fix.
Requests seen for edcef83fd901.toorrr.com:
200.32.3.129:4005 TXID=54829
200.32.3.129:4005 TXID=15379
200.32.3.129:4005 TXID=28658
200.32.3.129:4005 TXID=33537
200.32.3.129:4005 TXID=59331

IPLAN

Your name server, at 200.69.193.1, appears vulnerable to DNS Cache Poisoning.

All requests came from the following source port: 32770

Do not be concerned at this time. IT administrators have only recently
been apprised of this issue, and should have some time to safely
evaluate and deploy a fix.
Requests seen for be0803b66f63.toorrr.com:
200.69.193.1:32770 TXID=9551
200.69.193.1:32770 TXID=40133
200.69.193.1:32770 TXID=24597
200.69.193.1:32770 TXID=43028
200.69.193.1:32770 TXID=32818

Hagan la prueba con su proveedor ;)
Fuente:http://criadoindomable.wordpress.com/2008/07/21/urgent-the-cat-is-out-of-the-bag-dns-problem/

-- 
Sebastián D. Criado - Sebastian.Criado{en}Gmail.com
scriado{en}ciudad.com.ar : A partir del 1ero de Julio no funciona más
esta cuenta.
NO A LA MATRICULACIÓN OBLIGATORIA - http://noalamatricula.wordpress.com/about/
L.U.G.Ro - http://www.lugro.org.ar
GNU/Linux Registered User # 146768
- -------------------------------------------------------------------
"Si el Universo fuera un programa estaría hecho en C, y correría sobre
un sistema UNIX"
 Anónimo.