Craig Peterson - Secure Your Business, Your Privacy, and Save Your Sanity

Welcome! DNS and DNS Hacking plus more on Tech Talk with Craig Peterson on WGAN



Welcome!

Craig discusses DNS and DNS Hacking and why DNS is so important if you are worried about security.

For more tech tips, news, and updates visit - CraigPeterson.com

---

Read More:

The rise and fall of Adobe Flash

National Security Agency warns that VPNs could be vulnerable to cyberattacks

Schools already struggled with cybersecurity. Then came COVID-19

Study Finds 15 Billion Stolen, Exposed Credentials in Criminal Markets

As Offices Reopen, Hardware from Home Threatens Security

Augmented reality heads-up displays for cars are finally a real thing

Android 10 has the fastest update rate ever, hits 16% of users in 10 months

Twitter breach exposes one of tech's biggest threats: Its own employees

---

Automated Machine-Generated Transcript:

[00:00:00] Craig Peterson: Hey, it only took 17 years to patch. It can't be that bad. Can it? Hello, Microsoft. Why have you had the brakes on this for so long and what it means to you?

Hey everybody, Craig Peterson here. Thanks for joining me. We're going to talk right now about a couple of things. One of these is the bug that took Microsoft 17 years to fix that you better fix right now. Because it's in the wild. Yes, indeed. We're going to talk about Adobe Flash, that little pesky piece of software that we've been using for many, many years, but as it turns out, it's been a real pain, right.

Buggy stuff, you know, really the two big ones that you have to worry about all the time have been Flash and have been Java. Both of those have had more than their fair share of nightmares associated with [00:01:00] them. I just hate some of this stuff because it has been so nasty. So buggy, it's hard to even think about when you get right down to it.

Right. Well, here's what's going on right now with Microsoft here. There was a, released the, just here within the last week. That fixes what appears to be a very dangerous, so longstanding bug in Windows DNS. Now DNS is the domain name system. The domain name service is what I've called it for years. We go into a lot of detail on DNS in our hacker killer course.

We basically have to because you need to understand the DNS and how it works. If you're going to run an office and all of the computers in it. Right. So we go into a whole lot of detail on that, but DNS.

[00:02:00] The bottom line is what you type into your browser. So CraigPeterson.com for instance, and turns it into an address like 123 Main Street, Anytown, USA. Even with the zip code. So it turns it into this, this set of octets in IPv4 nomenclature. IPv6, it's just this massive, huge address that can address anything that mankind should be able to make over the next year and thousand years, maybe more. You can address every pebble of sand on a beach.

Okay. It's just a huge amount of address space.

So DNS is important for your computer, 'cause it's not just typing google.com or CraigPeterson.com or it could be bankofamerica.com into the browser. It's all of the software on your computer that is using the internet. Because in order to get from your computer to the computer it really wants to talk to, it needs to know the address.

[00:03:00] So what happens is it asks your ISP typically. So, you know, again, when your computer boots, that uses DHCP, it gets an IP address. Again, we cover all of this in the hacker killer course, but it gets an IP address and when it gets that information from your DHCP server, it's also getting an IP address for the DNS server.

Now sometimes the DNS server is your ISP, internet service provider, like a Comcast or the telephone company, the, or whomever it is you're using to get on the internet. And that's, frankly, pretty common. That's where it's located out there for your ISP, from your ISP. So what'll happen is your computer will now go and ask your ISP computer.

[00:04:00] How do I get to CraigPeterson.com, or at least what's the address of CraigPeterson.com? Getting there, well, that's a lot more detailed. We probably won't get into that on the show, but involves OSPF and BGP and just all kinds of other routing protocols. But anyhow, I'll have to see the address. I need to get there.

So when Microsoft wants to do an update, It uses the name. So it goes to update.microsoft.com. This is an example, right? In reality, it goes to a bunch of different sites, or when the Adobe software update or when Google software, anything wants to update or use a resource like a database online. It's going to go to DNS. DNS is just that important.

Now there have been some problems with DNS over the years, and one of the biggest problems is how can I be sure that I'm talking to an authoritative server. In other words, if I want Craig Peterson's IP address and I get it back from a DNS server. Do I really know that's Craig or is that some hacker?

[00:05:00] That's trying to get me to go to their site instead of my bank site. So one of the ways that were put together here to try and fix this problem is DNSSEC. There are some other ones out there now that are some I don't like. They're using DNS over HTTPS, which is a very simple solution. Cloudflare has it, OpenDNS has it, almost everybody has it. It is built into Firefox now. It is built into Chrome-ish, they're rolling it out. But here's what happens with that. Instead of asking your ISP for the address for the bank, it sets up a secure tunnel, effectively an SSL tunnel, to either Cloudflare or OpenDNS or one of these other.

[00:06:00] So it goes directly there and says, Hey, what's the IP address for TD bank? And at that point secure. So if I'm asking my ISP using regular DNS for an address. In reality, somebody could be sitting in between. What the hackers have been doing lately is if you have a consumer-grade router, which is most small businesses, frankly we walk into is just kind of crazy.

But if you have a consumer-grade router and that router is not patched up, you've got problems. Now we've been into places where they've been diligent and applying patches. The problem is that they haven't issued patches. This one place we went to, just a couple of weeks ago. Yeah. Yeah. I'm certain, I'm certain, I'm certain.

 I go there every week and double-check and yes, indeed. This is the firmware version that I'm supposed to have installed. When I checked on my router, it's got that firmware version. So. I'm up to date. So then we went with her and we had a little bit of a closer look at it turns out.

[00:07:00] Yeah. Yeah, she was pretty diligent, but the vendor had not released patches in over two years.

So again, that's why you don't use any of the consumer stuff. That's why you got to stick with prosumer. If you're on the cheap side, if you had to keep the cost down. And you're not really that concerned about security, but you don't want this to happen to you as well as a thousand other things.

And that's why we have a full prosumer package that we sell. That's all the hardware you need. And it's all automatically kept up to date and with getting machines and functioning properly with all the latest, you know, anti-malware software. So that prosumer stuff is important, but here's what happens.

[00:08:00] They've been going on and connecting to routers just randomly. They just cycle through all of these addresses on the internet and they find a router that is vulnerable to the attack, and then they change the firmware in it so that your computer now asks them what the IP address is for your bank.

So you type in TDBank.com. Your computer says, okay, who am I supposed to ask about this? Oh yeah, yeah. I'm supposed to ask my router about it. 'Cause that's what I found out from DHCP. So it goes ahead and asks the router about it. The router says, yeah, I know Bank of America or TD, or where was it you're going to? It doesn't really matter. Here's an IP address in Russia you should be going to.

We're seeing this happening by the tens of thousands now. So Microsoft has been trying to work their way around it. How can we do that? How do we know that an IP address is legitimate and they really messed up?

[00:09:00] Okay. This is called SIGRed. It not only exploits Windows DNS, but it's what's called a wormable bug. Which means it can crawl through other machines once it's on your network. So be very, very careful. Both Check Point and Microsoft say this is a critical flaw. It scores a 10 out of 10 on the CVSS, the Common Vulnerability Scoring System.

This is bad. Make sure. You've got this patched. It's affecting practically every small and medium-sized organization in the world. It's gone unnoticed for 17 years, but no longer.

 Hey, stick around. We're going to be right back. We're going to be talking about flash and a whole lot more. Make sure you're on my list.

So all of this work I've done setting up this new studio doesn't go to waste and you can attend all of these free pieces of training. CraigPeterson.com/subscribe.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553
