Firewall Software Causes Problems for DNS Patch

Kara Reeder

Firewall vendors like Cisco, Juniper and Citrix are scrambling to fix a problem that can undo a feature that was introduced in the DNS patches, according to InfoWorld.


Firewall software that uses Internet Protocol address translation has the potential to undo the source port randomization, which would allow attackers to pull off a cache-poisoning attack against the DNS server.


A fix is still weeks away. In the meantime, Dan Kaminsky, the researcher who discovered the flaw, suggests that network administrators forward their DNS lookups to servers that are not translating port addresses or reconfigure the firewall.
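A defender can check whether a translating firewall is undoing the randomization by comparing the source ports of the resolver's queries as seen on each side of the device. The following is an added example, not from the article or any vendor; the thresholds, function names, the sequential allocation model and the sample ports are assumptions constructed for illustration.

```python
import random
import statistics

# Assumed thresholds for this example; tune them for your own traffic.
MIN_STDEV = 3000       # uniformly random ports in 1024-65535 have a stdev near 18,600
MAX_SEQUENTIAL = 0.2   # tolerated share of queries that reuse or step the port

def assess_ports(ports, step=16):
    """Rate the predictability of DNS query source ports from one capture point."""
    if len(ports) < 10:
        raise ValueError("need at least 10 observed queries")
    # Distance from each port to the next, wrapping at 65536.
    deltas = [(b - a) % 65536 for a, b in zip(ports, ports[1:])]
    sequential = sum(1 for d in deltas if d <= step) / len(deltas)
    stdev = statistics.pstdev(ports)
    return {
        "stdev": round(stdev, 1),
        "sequential_share": round(sequential, 2),
        "predictable": stdev < MIN_STDEV or sequential > MAX_SEQUENTIAL,
    }

def sequential_nat(ports, base=1024):
    """Model (assumed) of a port-translating firewall that hands out ports in order."""
    return [base + i for i, _ in enumerate(ports)]

def compare_sides(inside, outside):
    """Report whether translation removed the randomization the patch added."""
    a, b = assess_ports(inside), assess_ports(outside)
    return {"inside": a, "outside": b,
            "nat_undoes_randomization": b["predictable"] and not a["predictable"]}

# Constructed sample: 50 queries from a patched resolver (random source ports)
# and the same queries as they would appear after the modelled translation.
rng = random.Random(1)
INSIDE = [rng.randrange(1024, 65536) for _ in range(50)]
OUTSIDE = sequential_nat(INSIDE)

if __name__ == "__main__":
    print(compare_sides(INSIDE, OUTSIDE))
```

In practice the two lists would come from packet captures taken on the inside and outside interfaces of the firewall.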
