Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Xavier Mertens

Threat Level: green

Date	Author	Title
BIND DNSSEC POISONING
2009-01-07	William Salusky	BIND 9.x security patch - resolves potentially new DNS poisoning vector
BIND
2021-07-31/a>	Guy Bruneau	Unsolicited DNS Queries
2019-11-25/a>	Xavier Mertens	My Little DoH Setup
2019-07-13/a>	Guy Bruneau	Guidance to Protect DNS Against Hijacking & Scanning for Version.BIND Still a Thing
2014-06-12/a>	Guy Bruneau	BIND Security Update for CVE-2014-3859
2013-07-26/a>	Scott Fendley	ISC BIND DoS
2013-06-05/a>	Richard Porter	BIND 9 Update fixing CVE-2013-3919
2012-07-30/a>	Guy Bruneau	BIND 9 Security Updates
2012-06-06/a>	Jim Clausing	BIND 9 Update - DoS or information disclosure vulnerability
2011-12-05/a>	Stephen Hall	ISC describe DNS crash bug analysis
2011-11-16/a>	Jason Lam	Potential 0-day on Bind 9
2011-07-05/a>	Raul Siles	Two DoS remotely exploitable vulnerabilities affect BIND 9: http://www.isc.org/advisories/bind Updgrade to 9.8.0-P4.
2011-06-28/a>	Johannes Ullrich	DNSSEC Tips
2011-05-09/a>	Johannes Ullrich	Patch for BIND 9.8.0 DoS Vulnerability
2011-02-23/a>	Manuel Humberto Santander Pelaez	Bind DOS vulnerability (CVE-2011-0414)
2010-07-29/a>	Rob VandenBrink	NoScript 2.0 released
2010-02-17/a>	Rob VandenBrink	Multiple Security Updates for ESX 3.x and ESXi 3.x
2009-12-15/a>	Johannes Ullrich	Important BIND name server updates - DNSSEC
2009-11-24/a>	John Bambenek	BIND Security Advisory (DNSSEC only)
2009-07-29/a>	Bojan Zdrnja	BIND 9 DoS attacks in the wild
2009-01-08/a>	Kyle Haugsness	BIND OpenSSL follow-up
2009-01-07/a>	William Salusky	BIND 9.x security patch - resolves potentially new DNS poisoning vector
2008-08-14/a>	Johannes Ullrich	DNSSEC for DShield.org
2008-08-02/a>	Swa Frantzen	BIND: -P2 patches are released
2008-07-08/a>	Johannes Ullrich	Mulitple Vendors DNS Spoofing Vulnerability
DNSSEC
2023-09-06/a>	Johannes Ullrich	Security Relevant DNS Records
2013-10-21/a>	Johannes Ullrich	New tricks that may bring DNS spoofing back or: "Why you should enable DNSSEC even if it is a pain to do"
2013-08-14/a>	Johannes Ullrich	.GOV zones may not resolve due to DNSSEC problems.
2013-06-22/a>	Guy Bruneau	.biz DNSSEC DNSKEY is Invalid
2012-01-18/a>	Johannes Ullrich	Use of Mixed Case DNS Queries
2011-11-11/a>	Johannes Ullrich	Details About the fbi.gov DNSSEC Configuration Issue.
2011-08-05/a>	Johannes Ullrich	Microsoft Patch Tuesday Advance Notification: 13 Bulletins coming http://www.microsoft.com/technet/security/Bulletin/MS11-aug.mspx
2011-06-28/a>	Johannes Ullrich	DNSSEC Tips
2011-04-14/a>	Johannes Ullrich	dshield.org now DNSSEC signed via .org
2010-11-04/a>	Johannes Ullrich	DNSSEC Progress for .com and .net
2010-05-04/a>	Rick Wanner	DNSSEC...not a bang but a whimper?
2010-01-19/a>	Jim Clausing	49Gbps DDoS, IPv4 exhaustion, and DNSSEC, oh my!
2009-12-15/a>	Johannes Ullrich	Important BIND name server updates - DNSSEC
2009-11-24/a>	John Bambenek	BIND Security Advisory (DNSSEC only)
2009-03-21/a>	Stephen Hall	Updates to ISC BIND
2009-01-08/a>	Kyle Haugsness	BIND OpenSSL follow-up
2009-01-07/a>	William Salusky	BIND 9.x security patch - resolves potentially new DNS poisoning vector
2008-08-14/a>	Johannes Ullrich	DNSSEC for DShield.org
POISONING
2013-10-21/a>	Johannes Ullrich	New tricks that may bring DNS spoofing back or: "Why you should enable DNSSEC even if it is a pain to do"
2010-02-15/a>	Johannes Ullrich	Various Olympics Related Dangerous Google Searches
2009-11-24/a>	John Bambenek	BIND Security Advisory (DNSSEC only)
2009-01-07/a>	William Salusky	BIND 9.x security patch - resolves potentially new DNS poisoning vector

BIND DNSSEC POISONING

BIND

DNSSEC

POISONING