DNS Vulnerabilities

Discussion in 'General Discussion' started by Jbob, Jul 10, 2008.

  1. Jbob

    Jbob Network Guru Member

    With the recent news of the DNS issues and the fixes being released by many firmwares and OS's does this affect any of our Linksys routers? Does anyone know if Linksys is or has been fixing this with newer firmware releases? I've got a RV082 and see the latest firmware release doesn't say anything specifically about fixing a DNS issue.
  2. heidnerd

    heidnerd LI Guru Member

    A couple of choices, because of the severity with this particular vulnerability the only 100% safe way to address it is assume that you are at risk... until Linksys either announce a patch or says that they are okay.

    If you can read the source code and have the time - it is GPL'ed and on the linksys site in their GPL library.

    Or you could put wireshark on it externally, capture the traffic and see what is happening... (too painful for me).

    Or use Kaminsky's site to check if the router is vulnerable - however I believe that I am seeing false positives... http://www.doxpara.com/

    If you see a pattern here... it is this one has soooo many ways you can be exposed to it that I believe the only thing to do is be supper paranoid about web browsing, bug your ISP, Linksys, etc... until everyone in your the internet food chain (path)says they are patched.

    So as a reminder -- Since the attack is against DNS... and any device (firewall, router, PC, server) that caches dns responses and hasn't taken precautions is suspectible. Even if you router is patched -- if your ISP hasn't you are still toast!
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice