Monitoring the world’s DNS status using a display straight out of WarGames

Nothing says Cold War like a map of the work with LEDs embedded in it. Throw in some analog dials for good measure and you’ve got a piece that would be comfortable mounted next the WOPR in everyone’s favorite ’80s-computers-run-amok movie. We think [Dima] really hit the mark when building this status panel for OpenDNS datacenter monitoring.

[Dima] works for OpenDNS and wanted to make something special for its upcoming 5 year anniversary. He’d already been toying with making boxes from laser-cut wooden pieces. This was just a matter of choosing a size that would fit the dials and leave a suitable area for a laser-etched map. Each of the twelve panel meters gets a PWM signal from the Arduino Mega that he used to bring the device to life. It shows a comparative server load for each data center based on the previous day’s numbers. There is an LED in the map for each of these centers. Right now they’re all red, but he used RGB LEDs and plans to upgrade the capability soon. He should have no problem doing this as he sourced some TLC5940 drivers to extend his I/O capabilities.

Don’t forget the check out the clip embedded after the break. [Read more...]

DNS cache poisoning webcast


UPDATE: Full audio of the webcast is now available

Today Black Hat held a preview webcast with [Dan Kaminsky] about the massive DNS bug he discovered. On July 8th, multiple vendors announced a patch for an undisclosed DNS vulnerability. [Dan Kaminisky] did not release the details of the vulnerability at that time, but encouraged security researchers to not release their work, if they did happen to discover the bug. On the 21st, the full description of the vulnerability was leaked.

In today’s webcast, [Dan] covered how he felt about the handling of the vulnerability and answered a few questions about it. He started out by talking about how he stumbled across the bug; he was working on how to make content distribution faster by using DNS to find the server closest to the client. The new attack works because DNS servers not using port randomization make it easy for the attacker to forge a response. You can read the specifics of the attack here.

[Read more...]

Follow

Get every new post delivered to your Inbox.

Join 91,861 other followers