β β β Uππ»βΊπ«Δπ¬πβ β β β
π§ DNS SAD cache poisoning: interim fix for Linux servers and desktops:
There is a new DNS cache poisoning threat called Side-channel AttackeD DNS (SAD DNS).
This new attack works as follows: SAD DNS allows hackers to redirect traffic destined for a specific domain to a server under their control.
With this attack, they can easily spy on your traffic.
This network side channel attack can have serious security implications for both users and businesses, even if your servers are in Germany
This new flaw affects Linux (kernel 3.18-5.10), Windows Server 2019 (version 1809) and newer, macOS 10.15 and newer, FreeBSD 12.1.0 and newer.
Let me show you how to deploy the BlueCat script on your Linux computers and servers so you can avoid problems until the DNS server vendors solve the problem.
What do you need
Accessing Linux machines that use DNS on your network
User with sudo privileges
How to use the script
The script generated by BlueCat is actually quite simple and looks like this:
#! / usr / bin / env bash
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
################################################# #########################
#
# Three options for installation. Choose one of the following:
#
# 1. Copy to /etc/cron.minutely
#
# 2. Copy the script to the DNS server. Create a file in /etc/cron.d with
# the following syntax:
#
# * * * * * root /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# 3. Create a user cron entry while using
#
# * * * * * /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# - Change "/ path / to" to match the exact location of the script.
# - Finally, make sure it is executable: chmod + x /path/to/icmp_ratelimit.sh
#
seconds = "60"
while [[$ {seconds} -gt 0]]
do
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv4 / icmp_ratelimit
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv6 / icmp_ratelimit
sleep .95
done
Note. BlueCat can update the script to include IPv6. Be sure to check out their official GitHub page for further updates to this script.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π§ DNS SAD cache poisoning: interim fix for Linux servers and desktops:
There is a new DNS cache poisoning threat called Side-channel AttackeD DNS (SAD DNS).
This new attack works as follows: SAD DNS allows hackers to redirect traffic destined for a specific domain to a server under their control.
With this attack, they can easily spy on your traffic.
This network side channel attack can have serious security implications for both users and businesses, even if your servers are in Germany
This new flaw affects Linux (kernel 3.18-5.10), Windows Server 2019 (version 1809) and newer, macOS 10.15 and newer, FreeBSD 12.1.0 and newer.
Let me show you how to deploy the BlueCat script on your Linux computers and servers so you can avoid problems until the DNS server vendors solve the problem.
What do you need
Accessing Linux machines that use DNS on your network
User with sudo privileges
How to use the script
The script generated by BlueCat is actually quite simple and looks like this:
#! / usr / bin / env bash
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE.
################################################# #########################
#
# Three options for installation. Choose one of the following:
#
# 1. Copy to /etc/cron.minutely
#
# 2. Copy the script to the DNS server. Create a file in /etc/cron.d with
# the following syntax:
#
# * * * * * root /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# 3. Create a user cron entry while using
crontab -e#
# * * * * * /path/to/icmp_ratelimit.sh> / dev / null 2> & 1
#
# - Change "/ path / to" to match the exact location of the script.
# - Finally, make sure it is executable: chmod + x /path/to/icmp_ratelimit.sh
#
seconds = "60"
while [[$ {seconds} -gt 0]]
do
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv4 / icmp_ratelimit
echo $ ((500 + $ {RANDOM}% 1500))> / proc / sys / net / ipv6 / icmp_ratelimit
sleep .95
done
Note. BlueCat can update the script to include IPv6. Be sure to check out their official GitHub page for further updates to this script.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from DailyCVE
π΅XSS vulnerability exists in Tongda OA Government Affairs Edition:
(DC: 252-2021)
https://dailycve.com/xss-vulnerability-exists-tongda-oa-government-affairs-edition
(DC: 252-2021)
https://dailycve.com/xss-vulnerability-exists-tongda-oa-government-affairs-edition