Black Hat //Webcast Series
security research in real time
Black Hat Webcast No.
Dan Kaminsky's DNS Discovery:
The Massive, Multi-Vendor Issue and
the Massive, Multi-Vendor Fix
Thursday, July 24 1:00 pm PST/4:00 pm ET • FREE
- Jeff Moss, Founder and Director of Black Hat
- Dan Kaminsky, Director of Penetration Testing, IOActive
- Rich Mogull, Former Director of the National Cyber Security Division, DHS
- Joao Damas, Sr., Senior Programme Manager, ISC
Early in 2008, security researcher Dan Kaminsky located a gaping hole the basic underpinnings of the internet. This fundamental flaw in DNS security renders almost all DNS serves open to cache poisoning (US CERT VU#800113). As the vulnerability arises from flaws in the design of the DNS protocol, the issue affects nearly all vendors and nearly all products designed to work with DNS.
In the intervening time, Dan has worked with a coalition of vendors to create a fix for this very serious and ubiquitous vulnerability. On July 8th, technology vendors from across the industry simultaneously released patches for their products in a combined effort of historic proportion.