Rich and I are both incredibly busy, trying to get some work done before Black Hat and Defcon start. We’re planning on producing a podcast next week from the showroom floor at BH as well as a few microcasts from the both Black Hat and Defcon.
So tune in next week, I promise the audio will be better than episode 113′s was. Because you know it can’t get much worse than last week.
Martin is off in the wonderland known as Madison, WI; home of The Onion. Which means, of course, that I did the recording this week and the audio isn’t quite up to Martin’s standards. I blame him though, since it was mostly his Skype connection.
There was a lot to talk about this week, from the great nation of Texas requiring private investigator licenses for PC techs, to sysadmins run amok in San Francisco, to cold boot encryption, and… what was it… oh yeah, some little DNS issue rearing its head again.
Tonight Rich and I are joined by Andrew Storms, Director of Security Operations at nCircle and fellow blogger. We continue talking about Dan Kaminsky’s DNS vulnerability and the role Rich continues to play. We also talk about lost laptops and new iPhones.
Show Notes:
Network Security Podcast, Episode 112, July 15, 2008
Time: 50:00
Today, CERT is issuing an advisory for a massive multivendor patch to resolve a major issue in DNS that could allow attackers to easily compromise any name server (it also affects clients). Dan Kaminsky discovered the flaw early this year and has been working with a large group of vendors on a coordinated patch.
The issue is extremely serious, and all name servers should be patched as soon as possible. Updates are also being released for a variety of other platforms since this is a problem with the DNS protocol itself, not a specific implementation. The good news is this is a really strange situation where the fix does not immediate reveal the vulnerability and reverse engineering isn’t directly possible.
Dan asked for some assistance in getting the word out and was kind enough to sit down with me for an interview. We discuss the importance of DNS, why this issue is such a problem, how he discovered it, and how such a large group of vendors was able to come together, decide on a fix, keep it secret, and all issue on the same day.
Dan, and the vendors, did an amazing job with this one. We’ve also attached the official CERT release and an Executive Overview document discussing the issue.
Update: Dan just released a “DNS Checker” on his site Doxpara.com to see if you are vulnerable to the issue.
Network Security Podcast, Episode 111, July 8, 2008
Ever have one of those days where just about nothing seems to go right? That just about describes today. Rich had to bail tonight due to family obligations, though it sounds like it’s the fun type of obligation, not like having dinner with Aunt Ethel or something. We had a guest lined up, but due to poor planning on our (read: my) part, we didn’t communicate the recording time well enough and that didn’t work out. Luckily Michael Santarcangelo was available to join me tonight as co-host, so you aren’t stuck listening to me drone on by myself for half an hour or so. I know that’s what I used to do every week, but it just seems so much harder than it used to.
Network Security Podcast, Episode 110
Time: 1:03:17
Show Notes: