Re: [Fed-Talk] OS X DNS clients still unpatched?
Re: [Fed-Talk] OS X DNS clients still unpatched?
- Subject: Re: [Fed-Talk] OS X DNS clients still unpatched?
- From: ED Fochler <email@hidden>
- Date: Fri, 8 Aug 2008 12:46:12 -0400
I strongly disagree. Although Apple was a little slow to address DNS
and the ARD-applescript problems, they appear to be addressed. As for
the DNS client being vulnerable, that would imply that you can't trust
your local DNS server or your local network. If that's the case, then
you have bigger problems than how random your ports are.
ED Fochler.
On Aug 8, 2008, at 12:23 PM, Jason Levine wrote:
Wow -- I didn't know that the DNS patch pushed out by Apple (three-
plus
weeks later than every other provider) actually doesn't patch what
might be
argued to be the more *critical* side of the DNS bug, the client side:
http://www.sans.org/newsletters/newsbites/newsbites.php?vol=10&issue=61#sID3
04
http://www.computerworld.com/action/article.do?command=viewArticleBasic&arti
cleId=9111363&source=rss_topic17
http://www.informationweek.com/news/hardware/mac/showArticle.jhtml?articleID
=209901566
Given how tight-lipped Apple is with any security-related info, I
won't
presume that this post will generate any official Apple response...
but
Apple reps, know that this looks *BAD*, and makes it that much
harder to
convince my folks here that using Macs on the desktop is a secure
option.
Jason
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
@mail.nih.gov
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden