P. 1
2008 And The New (Old) Nature Of Critical Infrastructure

2008 And The New (Old) Nature Of Critical Infrastructure



|Views: 154|Likes:
Published by dan@doxpara.com

More info:

Categories:Types, Research
Published by: dan@doxpara.com on Feb 20, 2009
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PPT or read online from Scribd
See more
See less



copyright IOActive, Inc. 2006, all rightsreserved.
DNS2008 and the new (old) nature of critical infrastructureDan KaminskyDirector of Penetration TestingIOActive, Inc.
 What a year!
Significant flaw found in DNS –You might have heard about itPretty extensive simultaneous patching operation ensued –Microsoft –Linux / ISC –Sun –Cisco –All released patches on July 8
Expected patch rate: 50% of servers after a year Achieved patch rate: ~66% after a few months –Patch rate is higher in terms of actual users protected – not perfect, buthigher Do we need more? –Yes.
I have never been a DNSSEC supporter.I’ve been researching DNS for many years, andI’ve been – at best – neutral about the technology. –I just didn’t think it mattered, and theengineering effort never seemed to be goingwell.What changed? –Software engineering realities became tooobvious to ignore.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->