New remote DOS for ISC BIND (DNS) just announced:



https://www.isc.org/node/474



securityfocus has a poc:



http://downloads.securityfocus.com/vulnerabilities/exploits/35848.txt



if i got all my bits straight this should drop and log those packets in a cisco asa firewall:



policy-map type inspect dns preset_dns_map

match header-flag eq 0×2800

drop log

Tags: DOS

This entry was posted on Tuesday, July 28th, 2009 at 20:57 and is filed under Exploits. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.