P. 1
2008 And The New (Old) Nature Of Critical Infrastructure

2008 And The New (Old) Nature Of Critical Infrastructure

Ratings:

5.0

(5)
|Views: 4,347|Likes:
Published by dan@doxpara.com

More info:

Categories:Types, Research
Published by: dan@doxpara.com on Feb 20, 2009
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PPT or read online from Scribd
See more
See less

10/17/2011

original

 
copyright IOActive, Inc. 2006, all rightsreserved.
DNS2008 and the new (old) nature of critical infrastructureDan KaminskyDirector of Penetration TestingIOActive, Inc.
 
 What a year!
Significant flaw found in DNS –You might have heard about itPretty extensive simultaneous patching operation ensued –Microsoft –Linux / ISC –Sun –Cisco –All released patches on July 8
th
Expected patch rate: 50% of servers after a year Achieved patch rate: ~66% after a few months –Patch rate is higher in terms of actual users protected – not perfect, buthigher Do we need more? –Yes.
 
History
I have never been a DNSSEC supporter.I’ve been researching DNS for many years, andI’ve been – at best – neutral about the technology. –I just didn’t think it mattered, and theengineering effort never seemed to be goingwell.What changed? –Software engineering realities became tooobvious to ignore.

Activity (2)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads

You're Reading a Free Preview

Download
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->