Newburyport, MA - July 15, 2008 – DNSstuff.com (www.dnsstuff.com) today announced DNS Vulnerability Check, an enhanced tool that verifies whether your DNS servers are vulnerable to the critical DNS flaw discovered earlier this year by Dan Kaminsky, Director of Penetration Testing for IOActive. The flaw allows an attacker to poison a DNS server cache by injecting it with forged data – making it such a significant flaw that US-CERT, the government’s cyber security arm, and 80 vendors including Nominum, Microsoft and Cisco, coordinated together to issue a patch. You may run this tool free at www.dnsstuff.com starting Wednesday, July 16, 2008.

"This is about as serious as you can get,” said Dan Kaminsky. “DNSstuff offered to help out and enhance this tool to better validate any DNS server. It’s a team effort, no doubt. ”

"This is significant but it's under control, now we just need users to deploy the patches that have been built,” said Paul D. Parisi, CTO of DNSstuff.com. “This won’t be the last flaw discovered, but this is definitely one of the most critical. It’s no secret that DNS is part of almost all communications on the Internet and that it is being pushed to its limits. This is why DNSstuff.com is focused on how to best manage DNS in order to avoid major email and web problems. DNSreport is the most comprehensive DNS health check available to validate your configuration. We quickly pinpoint the problem and provide steps to fix it.”

“This particular DNS attack is without a doubt the most dangerous discovered in the DNS to date,” said Paul Mockapetris, Inventor of DNS. “It is imperative that IT managers for organizations Worldwide update their DNS software right away. The update on caching servers’ perimeters will ensure optimal performance, and the new tool provided by DNSstuff.com is just what companies need to stay on top of their DNS, and prevent them from becoming victims of damaging exploits such as the one discovered by Kaminsky.”

DNS is a rising attack vector

Each DNS server is susceptible to many forms of compromise, and must constantly be monitored to mitigate security risks. Steps must be taken to mitigate the risks. The biggest monitoring challenge right now is that there are so many DNS servers controlled by so many busy people. If IT managers are not diligent in mitigating risks, or make an error – a serious problem can quickly propagate bad information throughout the Internet. Cybercriminals constantly poke, prod and hack at finding weak or open DNS servers they can exploit.

About DNSstuff.com

DNSstuff helps you configure, monitor and resolve email, internet and connectivity issues. These on-demand tools and alerts services reduce downtime and minimize domain vulnerability. DNSstuff solutions combine the effectiveness of command line tools with the efficiency of point tools. DNSstuff.com users are a uniquely large, knowledgeable and trusted community of IT professionals, and its resources are featured in several authoritative books on the Internet which can be found at www.dnsstuff.com.

You can learn more about Dan Kaminsky and this DNS flaw by visiting www.doxpara.com.