Since my post on this issue yesterday and also Andy Whelan’s post to the ISSA Ireland’s newslist, a number of people have come back to me offline with regards to the current status within the Irish Internet space. It seems that a number of ISPs, 16 apparently, have not yet patched their DNS servers. But the biggest challenge appears to be organisations ensuring that their DNS servers are patched.
Here is an excerpt from an email I recieved that highlights the challenges;
“we’re patched and we have been notifying our clients who have dns servers non-patched. There is also a worldwide effort by “non-for-profit security organisations” to alert ISP abuse desks, although whether they act or the sysadmins act on the email is anyone’s guess.
There are 35 ISP in INEX (https://www.inex.ie/about/memberlist), a quick look through a “special list – as of 21/07/2008″ shows there were 16 ISPs with DNS servers in their range vulnerable.
The irish ISP’s have patched their main DNS servers, but the problem seems to be their clients who run their own DNS servers, have servers in hosting centres or rogue departmental servers hidden away the IT security teams don’t know about.”
So to those 16 ISPs, patch your systems ASAP. If your normal maintenance window is still a number of weeks away then consider using an emergency window instead. Talk to your upstream ISPs and ensure they also patch their servers.
To those of you who manage or look after your own DNS servers you need to get the finger out and patch them.