All, Please see email below from Doug Brent re the DNS exploit. Cheers, Chris Disspain CEO - auDA Australia's Domain Name Administrator ceo@auda.org.au www.auda.org.au Important Notice - This email may contain information which is confidential and/or subject to legal privilege, and is intended for the use of the named addressee only. If you are not the intended recipient, you must not use, disclose or copy any part of this email. If you have received this email by mistake, please notify the sender and delete this message immediately. Please consider the environment before printing this email.
-----Original Message----- From: Doug Brent [mailto:doug.brent@icann.org] Sent: Thursday, 7 August 2008 12:06 To: Chris Disspain Subject: ICANN information on announced DNS exploit
Chris,
A DNS exploit that has been discussed for months has now been officially announced by security researcher Dan Kaminsky. This has been widely covered in today's on-line press.
You should be aware that this exploit cannot impact root servers, and should not impact name servers for top level domains. It can impact the servers operated by ISPs and corporations, and the results can be serious.
Today, ICANN issued a press release regarding this vulnerability. See: http://icann.org/en/announcements/announcement-06aug08-en.htm
Also, ICANN has posted a frequently asked questions document, primarily targeted at TLD operators to make it more clear what they need to do to ensure the TLD they operate is not susceptible to this attack. See: http://www.iana.org/reports/2008/cross-pollination-faq.html
Further, ICANN developed a a web-based tool that allows any TLD operator, or any Internet end-user to check if a particular TLD or domain is set up in a way that would allow this kind of attack. The tool is available at: http://recursive.iana.org/
Finally, over the last days, ICANN proactively tested all TLD nameservers to see if they were correctly configured so as to avoid this exploit. On 25 July, 72 TLDs failed this test (2 generic registries and 70 cc registries). As of today (with numbers still changing), the number of vulnerable TLDs has been reduced to 45, and ICANN is actively working with six of these to address the issue. The remainder have been unresponsive to this point, though ICANN staff has and will continue to reach out through email and personal contact over the next days to help in any way possible.
If any ccNSO members require additional background information, or specifically are concerned in obtaining some technical advice in this matter, please let ICANN staff know how we can help.
Sincerely, Doug Brent Chief Operating Officer ICANN Voice: +1 310.301.3871 Mobile: +1 650.996.4447 Fax: +1 310.823.8649
__________ Information from ESET NOD32 Antivirus, version of virus signature database 3333 (20080806) __________
The message was checked by ESET NOD32 Antivirus.