72
Attacks abuse Microsoft DHCP to spoof DNS records and steal secrets
(www.theregister.com)
This is a most excellent place for technology news and articles.
This is the best summary I could come up with:
In addition to detailing the security issue, the cloud services biz also provided a tool that sysadmins can use to detect configurations that are at risk.
While the current report doesn't provide technical details or proof-of-concept exploits, Akamai has promised, in the near future, to publish code that implements these attacks called DDSpoof - short for DHCP DNS Spoof.
"We will show how unauthenticated attackers can collect necessary data from DHCP servers, identify vulnerable DNS records, overwrite them, and use that ability to compromise AD domains," Akamai security researcher Ori David said.
The DHCP attack research builds on earlier work by NETSPI's Kevin Roberton, who detailed ways to exploit flaws in DNS zones.
In addition to abusing Microsoft's DHCP to create or overwrite DNS records, the team found another feature, DNSUpdateProxy group, that also poses a security risk - and potentially contains a bug.
But in the meantime, we'd suggest following Akamai's advice and disable DHCP DNS Dynamic Updates if you don't already and avoid DNSUpdateProxy altogether.
The original article contains 753 words, the summary contains 167 words. Saved 78%. I'm a bot and I'm open source!