Black Hat Webcast 2: Dan Kaminsky's DNS Discovery: The Massive, Multi-Vendor Issue and the Massive, Multi-Vendor Fix

Summary: Early in 2008, security researcher Dan Kaminsky located a gaping hole the basic underpinnings of the internet. This fundamental flaw in DNS security renders almost all DNS serves open to cache poisoning (US CERT VU#800113). As the vulnerability arises from flaws in the design of the DNS protocol, the issue affects nearly all vendors and nearly all products designed to work with DNS. In the intervening time, Dan has worked with a coalition of vendors to create a fix for this very serious and ubiquitous vulnerability. On July 8th, technology vendors from across the industry simultaneously released patches for their products in a combined effort of historic proportion.