Sign In
Register
Help
Posted 23 January 2004 - 08:19 PM
You can google for the site. Heres the excerpt from their board regarding the below link.
Security pros question flaw find <_<
Quote
Friday, November 21, 2003. 03:27 pm cst
As far as we can tell at moment...this is_not in the WILD...
So it is NOT an alert...
it is a caution we felt that is important to relate ...
we have notified CERT as well as a few others.
CERT notified (w/proof of concept) 10 days ago.
--
As many of you know..
we like to be prepared and test systems/platforms
(not just DNS) with our own tools and concepts.
Then we test other systems for comparison.
Well..
We discovered something while testing our own
DNS programs for strength and speed...<ouch>
so we created and tried the concept on other platforms...
This is_not specific to DNS machines, affects any unit.
(All servers and workstations on internet or LAN)
Something which...
is not preventable with most firewalls
<we tested upto cisco rack mounts>
hardware routers and software firewalls
(even with "lock" enabled) may fail or crash.
multiple-platforms are affected,
including possible effects on some (if not all)
linux versions requiring reboots or lost internet.
observations include possible desktop freeze
caution on using onboard (integrated) net cards,
or a network card that is not in A1 condition.
this may lead to lost internet or long recovery
IMPORTANT*
currently the only_way to stay protected is
(not kidding)
either using FreeBSD as a firewall/gateway for the LAN
or enabling the ICF if using WindowsXP or Windows2003
*FreeBSD and ICF enabled units may experience
system slowdowns and possible loss of internet.
OS-X and OpenBSD also share a higher immunity
to our demonstration code. However, when a BSD
derivative platform or an ICF protected machine is
targeted, machines on the same local subnet have
been observed to suffer collateral loss of network
connectivity without physical damage.
NB.
contact me via pgp (support at ntcanuck.com)
*only* if you are able to provide assistance
or if you are a major vendor or manufacturer
and need more details. We can't guarantee
answering all queries from ISP's or OEM's at
this time...busy working on corrective code.
Keep any questions within this group, and address
them to me, others have their own tasks/projects.
I can't give too many details (discretion is important).
NT Canuck
As far as we can tell at moment...this is_not in the WILD...
So it is NOT an alert...
it is a caution we felt that is important to relate ...
we have notified CERT as well as a few others.
CERT notified (w/proof of concept) 10 days ago.
--
As many of you know..
we like to be prepared and test systems/platforms
(not just DNS) with our own tools and concepts.
Then we test other systems for comparison.
Well..
We discovered something while testing our own
DNS programs for strength and speed...<ouch>
so we created and tried the concept on other platforms...
This is_not specific to DNS machines, affects any unit.
(All servers and workstations on internet or LAN)
Something which...
is not preventable with most firewalls
<we tested upto cisco rack mounts>
hardware routers and software firewalls
(even with "lock" enabled) may fail or crash.
multiple-platforms are affected,
including possible effects on some (if not all)
linux versions requiring reboots or lost internet.
observations include possible desktop freeze
caution on using onboard (integrated) net cards,
or a network card that is not in A1 condition.
this may lead to lost internet or long recovery
IMPORTANT*
currently the only_way to stay protected is
(not kidding)
either using FreeBSD as a firewall/gateway for the LAN
or enabling the ICF if using WindowsXP or Windows2003
*FreeBSD and ICF enabled units may experience
system slowdowns and possible loss of internet.
OS-X and OpenBSD also share a higher immunity
to our demonstration code. However, when a BSD
derivative platform or an ICF protected machine is
targeted, machines on the same local subnet have
been observed to suffer collateral loss of network
connectivity without physical damage.
NB.
contact me via pgp (support at ntcanuck.com)
*only* if you are able to provide assistance
or if you are a major vendor or manufacturer
and need more details. We can't guarantee
answering all queries from ISP's or OEM's at
this time...busy working on corrective code.
Keep any questions within this group, and address
them to me, others have their own tasks/projects.
I can't give too many details (discretion is important).
NT Canuck
This post has been edited by Spookie: 24 January 2004 - 09:15 AM
MultiQuote
