We're now past all the hype and reams of speculation about the DNS Cache Poisoning vulnerability released by Dan Kaminsky. First, we had the massive coordinated patch release by vendors across the board. Then other researchers made intuitive guesses and released, then in one case, retracted their findings. Then we had webcasts by Dan with more hints, and then finally the BlackHat presentation. To date, as far as I know, there's only been one public finding of a poisoned server (AT&T's DNS server in Austin, Texas), even though a module was written for the exploit for Metasploit. The poisoned server was noticed by folks working at H.D. Moores company, who ironically, co-wrote the module for his Metasploit project.
Was this all a case of massive hype? Or did the fact that the details were kept under wraps for so long and patches made available across the board avert disaster? If so, it would be reminiscent of Y2K, where predictions of global doom were rampant, movies were made, and folks stocked up water and food in basement shelters. And IT departments world-wide rolled up their sleeves and worked huge volumes of overtime and got the job done and the issue fixed.
Did we have a national day of appreciation or celebration for those fine folks and their incredible achievement? For the most part all we heard was how over hyped the problem had been and a bunch of late-to-the-party pundits came out saying how they had told us all along everything would be fine.
Hype or IT getting it right again? Jury's still out, but I vote for the latter.
No comments:
Post a Comment