Is Google Public DNS safe? Look at the source ports

Dec 07, 2009, 08:03 (1 Talkback[s])
(Other stories by Sean Michael Kerner)

"One of the big issues that security researcher Dan Kaminsky disclosed about DNS insecurity in 2008 was that DNS request information isn't quite as random as it should be. The way DNS works is that each DNS request is supposed to carry with it a random number transaction ID. But it turns out that the random number is only one out of 65,000. DNS is at risk when there isn't enough randomization and a hacker can 'guess' the number.

"So is Google's Public DNS random enough?"

Complete Story

Related Stories:

• Introducing Google Public DNS: A new DNS resolver from Google(Dec 04, 2009)
• Why open-source DNS is 'internet's dirty little secret'(Sep 23, 2009)
• BIND 9 DNS under attack - time to update(Jul 30, 2009)
• Setting up a dynamic DNS service part 2: dhcpd(Jul 22, 2009)
• DHCP server can take over client(Jul 16, 2009)
• Repairing Ubuntu 9.04 DNS(Jun 14, 2009)
• BIND 10 Set to Update DNS(Jun 13, 2009)
• Router platform runs OpenWRT Linux(May 27, 2009)
• BIND 10 starts development(Apr 25, 2009)
• 100% cure for Conficker(Mar 31, 2009)