Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: Diaries by Keyword Diaries by Keyword

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Date Author Title

BIND DNSSEC POISONING

2009-01-07William SaluskyBIND 9.x security patch - resolves potentially new DNS poisoning vector

BIND

2021-07-31/a>Guy BruneauUnsolicited DNS Queries
2019-11-25/a>Xavier MertensMy Little DoH Setup
2019-07-13/a>Guy BruneauGuidance to Protect DNS Against Hijacking & Scanning for Version.BIND Still a Thing
2014-06-12/a>Guy BruneauBIND Security Update for CVE-2014-3859
2013-07-26/a>Scott FendleyISC BIND DoS
2013-06-05/a>Richard PorterBIND 9 Update fixing CVE-2013-3919
2012-07-30/a>Guy BruneauBIND 9 Security Updates
2012-06-06/a>Jim ClausingBIND 9 Update - DoS or information disclosure vulnerability
2011-12-05/a>Stephen HallISC describe DNS crash bug analysis
2011-11-16/a>Jason LamPotential 0-day on Bind 9
2011-07-05/a>Raul SilesTwo DoS remotely exploitable vulnerabilities affect BIND 9: http://www.isc.org/advisories/bind Updgrade to 9.8.0-P4.
2011-06-28/a>Johannes UllrichDNSSEC Tips
2011-05-09/a>Johannes UllrichPatch for BIND 9.8.0 DoS Vulnerability
2011-02-23/a>Manuel Humberto Santander PelaezBind DOS vulnerability (CVE-2011-0414)
2010-07-29/a>Rob VandenBrinkNoScript 2.0 released
2010-02-17/a>Rob VandenBrinkMultiple Security Updates for ESX 3.x and ESXi 3.x
2009-12-15/a>Johannes UllrichImportant BIND name server updates - DNSSEC
2009-11-24/a>John BambenekBIND Security Advisory (DNSSEC only)
2009-07-29/a>Bojan ZdrnjaBIND 9 DoS attacks in the wild
2009-01-08/a>Kyle HaugsnessBIND OpenSSL follow-up
2009-01-07/a>William SaluskyBIND 9.x security patch - resolves potentially new DNS poisoning vector
2008-08-14/a>Johannes UllrichDNSSEC for DShield.org
2008-08-02/a>Swa FrantzenBIND: -P2 patches are released
2008-07-08/a>Johannes UllrichMulitple Vendors DNS Spoofing Vulnerability

DNSSEC

2013-10-21/a>Johannes UllrichNew tricks that may bring DNS spoofing back or: "Why you should enable DNSSEC even if it is a pain to do"
2013-08-14/a>Johannes Ullrich.GOV zones may not resolve due to DNSSEC problems.
2013-06-22/a>Guy Bruneau.biz DNSSEC DNSKEY is Invalid
2012-01-18/a>Johannes UllrichUse of Mixed Case DNS Queries
2011-11-11/a>Johannes UllrichDetails About the fbi.gov DNSSEC Configuration Issue.
2011-08-05/a>Johannes UllrichMicrosoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx
2011-06-28/a>Johannes UllrichDNSSEC Tips
2011-04-14/a>Johannes Ullrichdshield.org now DNSSEC signed via .org
2010-11-04/a>Johannes UllrichDNSSEC Progress for .com and .net
2010-05-04/a>Rick WannerDNSSEC...not a bang but a whimper?
2010-01-19/a>Jim Clausing49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my!
2009-12-15/a>Johannes UllrichImportant BIND name server updates - DNSSEC
2009-11-24/a>John BambenekBIND Security Advisory (DNSSEC only)
2009-03-21/a>Stephen HallUpdates to ISC BIND
2009-01-08/a>Kyle HaugsnessBIND OpenSSL follow-up
2009-01-07/a>William SaluskyBIND 9.x security patch - resolves potentially new DNS poisoning vector
2008-08-14/a>Johannes UllrichDNSSEC for DShield.org

POISONING

2013-10-21/a>Johannes UllrichNew tricks that may bring DNS spoofing back or: "Why you should enable DNSSEC even if it is a pain to do"
2010-02-15/a>Johannes UllrichVarious Olympics Related Dangerous Google Searches
2009-11-24/a>John BambenekBIND Security Advisory (DNSSEC only)
2009-01-07/a>William SaluskyBIND 9.x security patch - resolves potentially new DNS poisoning vector