DNS

Creating eDirectory SSL certificates with alternate names to use across round robin DNS load balanced web servers

by File in: edirectory

We have three internal Apache web servers that we use for Groupwise webaccess 7.0.3.  Each server will be accessed acrossed our intranet via round robin DNS at https://webaccess/gw/webacc for email.  When users currently access this URL they are getting Internet Explorer Security Alerts, stating:   The name on the security cerrtificate is invalid or does not […]

CMU announces free Firefox add-on to increase browser security against DNS flaw and digital signature problems

by File in: browser add-ons, security

Carnegie-Mellon University is making available a free add-on for Firefox 3.0 that’s intended to increase browser security. The Firefox add-on was developed at the university’s School of Computer Science and College of Engineering and is available for free download. The Perspectives software not only protects Firefox users against attacks that might occur because of the recently disclosed […]

Novell has released patches for DNS cache poisoning vulnerability

by File in: security

Novell has released patches for novell-bind on OES2 and named.nlm on Netware that address the deficiencies in the DNS protocol and common DNS implementations that facilitate DNS cache poisoning attacks described in CVE-2008-1447.    Patches for bind running on SuSE Enterprise Linux Server (SLES) 9 and 10, plus openSUSE 10.2, 10.3, and 11.0 were released previously.    […]

Multivendor DNS Flaw auditing tool

by File in: security

Earlier I discussed the multivendor DNS flaw and linked to Dan’s web page that contains a tool you can run to see if your DNS servers are vulnerable to cache poisioning. Jose has developed a basic open source tool called CacheAudit that can be used to determine if the cache on your DNS server has been poisoned.  He describes […]

Test for Multivendor DNS Flaw

by File in: security

By now, everyone on the Internet is aware of the fundamental flaw in DNS that all major vendors released security patches for this week.  Dan Kaminsky, the security researcher who discovered the cache poisoning bug, has developed a test for this flaw that you can find at his web site.  Many people have downplayed this […]

Mark’s Windows 2008 DNS Server Command Line Cheat Sheet

by File in: Windows

If you’re a command line type administrator like myself you’ll want to check out Mark’s Mark’s DNS Server command line cheat sheet. He’s summarized the Windows Server 2008 CLI commands relating to DNS administration. Function DNSCMD option Example Comments Do any dnscmd command on a remote system dnscmd servername command dnscmd main.bigfirm.com /zoneprint bigfirm.com   […]