The SANS ISC Handler Diary is asking for your experiences with SPF. Its funny timing because i just configured SPF for my domains last night. I’d been using SPF records previously, but when I left PowWeb for Dreamhost (which changed my authoritative DNS server) I didn’t set up SPF again. I’m using Google as the …
OpenDNS blogged about a new feature called SmartCache If you ask for a DNS resolution, and it can’t contact the authoritative DNS server or the server returns a SERVFAIL they will respond with the last known good IP address. They dub this “one of the most significant DNS innovations of the last 25 years.” It …
Since upgrading from SEP11 MR2 to MR4, my virus alert email to admins no longer works. As a side note, SEP11 has never allowed me to include the path and file name in the virus notifications. They did allow that in SAV10 and earlier. This is a big step back. Before the upgrade, the email …
Brian Krebs reports on a attack on CheckFree in todays Security Fix blog. It looks like someone used phishing to get credentials for their Network Solutions account. Brian says “This may seem like a logical stretch, and perhaps it is.” I dont know about that. If they just phished the email address in the whois …
So Donna thinks that PC World is a victim of DNS Cache Poisoning. What is the attack here? pcworld.com DNS resolves to 70.42.185.10 which according to an IPWHOIS is their IP address. So what if removespyware.ru resolves to the same address. Unless they can modify the routing, I dont see what they’ve accomplished other than …
I’ve seen more than a handful of snarky posts linking results from http://www.doxpara.com’s DNS tester and complaining that their ISP is still vulnerable to DNS attack mere days after the patches were released. The Verizon Business Security Blog has some good comments and reports they have recommended to their customers to patch within 30 days.
A couple days ago I received email from Paypal titled “New PayPal Plug-In – Shop anywhere online.” That struck me as kind of suspicious so I looked at the mail headers. The headers showed the message did originate with Paypal’s servers, and more importantly it contained a domain key (DKIM). According to Wikipedia, “DomainKeys is …
looks like someone forgot to renew grandcentral.com. doh! http://www.iptools.com/dnstools.php?tool=whois&user_data=grandcentral.com Domain Name: GRANDCENTRAL.COM Registrar: EASYDNS TECHNOLOGIES, INC. Whois Server: whois.easydns.com Referral URL: http://www.easydns.com Name Server: NS1.EASYDNS.COM Name Server: NS2.EASYDNS.COM Name Server: NS6.EASYDNS.NET Name Server: REMOTE1.EASYDNS.COM Name Server: REMOTE2.EASYDNS.COM Status: clientHold Updated Date: 20-may-2008 Creation Date: 19-may-1997 Expiration Date: 20-may-2008
My MovableType spam defenses have kind of run amok. It was letting through a ton of spam which led me to disable anonymous comments. For its next trick it decided to trash valid comments. The first method used for trashing valid comments was a rule that http:// shouldn’t appear in the commenter’s name field. That …
Google has added AIM to Google Talk. For companies like mine, I’m not sure this is a good thing. We implemented IM security after one too many people got infected and the helpdesk was flooded with calls as their computer sent IMs to everyone in their buddy list. For other companies is a compliance issue …