hpr_transcripts/hpr0147.txt

Episode: 147
Title: HPR0147: New DNS vunerablity
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0147/hpr0147.mp3
Transcribed: 2025-10-07 12:25:38

---

5
Hello and welcome to Hacker Public Radio.
This is the MeroVinji coming to you today, humbly with apologies for not having a formal
topic ready for this podcast.
Instead I would like to make sure to draw everyone's attention to the new DNS vulnerability
that has been disclosed on the internet.
I'm sure by the time you're listening to this you have already read every article about
the new DNS vulnerability and I'm sure there are new things that are going to come out
tomorrow but I just wanted to take this time to make sure and draw everyone's attention
to this because I dare say that this is going to be a fairly big deal and a fairly big
problem for a lot of corporations and for a large piece of the internet.
I would like to give credit to CS Weasel on his blog.
He has a pretty good bit of information including links to other blog posts and different information
about the DNS vulnerability which again for those who don't know is McGrewSecurity.com.
That's where I have found a lot of my information about this particular vulnerability and following
the links and comments that are on his website you can go and find the other slash.posts,
the other blog posts out there pertaining to the vulnerability, how it works and ultimately
that if you are not currently patched for this vulnerability you should probably look
at getting patched.
If you don't know whether or not you are patched Dan Kaminsky's website, the Dan Kaminsky
the individual who is credited with discovering this vulnerability, at his website DocsProsa
or DocsPera he has a little tool on the right hand side of his web page that says check
my DNS and it will run some little tests and basically see whether or not you are vulnerable
to this DNS problem.
His website is DocsPera.com.com and I would definitely go and check to see if you are vulnerable.
If the results show that you are vulnerable, if you are a Sysadmin, NetEdmin you probably
want to look at how to fix this problem, how to resolve this problem.
If you are not a Sysadmin, NetEdmin then you might want to contact whoever is in charge
of your DNS server and I am sure they probably already know but again just to draw their
attention to this because once again this definitely has a lot of potential to be a very
bad thing but at the same time it may not draw or it may not become a huge ordeal provided
everyone is up to date and patched and things like that.
So again just to draw everyone's attention to this because ultimately I did not have
a more formal topic to discuss which again I apologize for.
So have a good rest of the afternoon, evening, whatever time that you are listening to this
and enjoy.
Initial commit: HPR Knowledge Base MCP Server - MCP server with stdio transport for local use - Search episodes, transcripts, hosts, and series - 4,511 episodes with metadata and transcripts - Data loader with in-memory JSON storage 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com> 2025-10-26 10:54:13 +00:00			`Episode: 147`
			`Title: HPR0147: New DNS vunerablity`
			`Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr0147/hpr0147.mp3`
			`Transcribed: 2025-10-07 12:25:38`

			`---`

			`5`
			`Hello and welcome to Hacker Public Radio.`
			`This is the MeroVinji coming to you today, humbly with apologies for not having a formal`
			`topic ready for this podcast.`
			`Instead I would like to make sure to draw everyone's attention to the new DNS vulnerability`
			`that has been disclosed on the internet.`
			`I'm sure by the time you're listening to this you have already read every article about`
			`the new DNS vulnerability and I'm sure there are new things that are going to come out`
			`tomorrow but I just wanted to take this time to make sure and draw everyone's attention`
			`to this because I dare say that this is going to be a fairly big deal and a fairly big`
			`problem for a lot of corporations and for a large piece of the internet.`
			`I would like to give credit to CS Weasel on his blog.`
			`He has a pretty good bit of information including links to other blog posts and different information`
			`about the DNS vulnerability which again for those who don't know is McGrewSecurity.com.`
			`That's where I have found a lot of my information about this particular vulnerability and following`
			`the links and comments that are on his website you can go and find the other slash.posts,`
			`the other blog posts out there pertaining to the vulnerability, how it works and ultimately`
			`that if you are not currently patched for this vulnerability you should probably look`
			`at getting patched.`
			`If you don't know whether or not you are patched Dan Kaminsky's website, the Dan Kaminsky`
			`the individual who is credited with discovering this vulnerability, at his website DocsProsa`
			`or DocsPera he has a little tool on the right hand side of his web page that says check`
			`my DNS and it will run some little tests and basically see whether or not you are vulnerable`
			`to this DNS problem.`
			`His website is DocsPera.com.com and I would definitely go and check to see if you are vulnerable.`
			`If the results show that you are vulnerable, if you are a Sysadmin, NetEdmin you probably`
			`want to look at how to fix this problem, how to resolve this problem.`
			`If you are not a Sysadmin, NetEdmin then you might want to contact whoever is in charge`
			`of your DNS server and I am sure they probably already know but again just to draw their`
			`attention to this because once again this definitely has a lot of potential to be a very`
			`bad thing but at the same time it may not draw or it may not become a huge ordeal provided`
			`everyone is up to date and patched and things like that.`
			`So again just to draw everyone's attention to this because ultimately I did not have`
			`a more formal topic to discuss which again I apologize for.`
			`So have a good rest of the afternoon, evening, whatever time that you are listening to this`
			`and enjoy.`