Support Centre
July 24, 2008 - DNS Cache Poisoning
Please be aware that Skyway Domain Name Servers are fully patched and are NOT vulnerable to the "DNS Cache Poisoning" vulnerability referred to below.
The DNS Cache Poisoning vulnerability is very widespread. Details of the exploit were made public yesterday, July 23/08 and we expect attack tools will become available shortly. Most publishers of DNS software released the required updates in just the last two weeks.
Please urgently update any DNS servers, including active directory DNS servers, and DNS client "resolver" software on all PC's and Mac's. Some routers that act as a DNS server or use DNS names in their configuration will also be vulnerable until updated.
The attack makes use of forged answers to normal DNS queries. A firewall will not necessarily block this attack, because DNS queries and answers are common packets considered safe by firewalls.
If any of your equipment uses a third party DNS server instead of using those provided by Skyway West, it's important that those third party servers are updated as well.
Below are a number of resources to help you understand DNS Cache Poisoning and take corrective action.
1. Wikipedia description of DNS cache poisoning
2. Public Safety Canada alert
3. Computer Emergency Response Team's vulnerability note
5. Tools to test your own servers:
DNS-OARC Check your Resolver's Source Port Behavior
[ Back to Skyway Knowledge Centre ]
