Linux Has a Serious Security Problem That Once Again Enables DNS Cache Poisoning




The story is 155292091.

The security-woes dept. posted a message on Wednesday November 17th.

As many as 38 percent of the Internet's domain name lookup servers are vulnerable to a new attack that allows hackers to send victims to maliciously spoofed addresses that masquerade as legitimate domains, like bankofamerica.com or gmail.com. In 2008, Dan Kaminsky disclosed a cache-poisoning attack on the Internet's DNS. By masquerading as the authoritative DNS server and flooding the resolver with fake lookup results, an attacker could poison the resolver cache with the spoofed IP address. Anyone relying on the same resolver would then be diverted to the imposter site.

The sleight of hand worked because DNS relied on a transaction ID to prove that the returned address came from an authoritative server. Because the transaction number had only 16 bits, there were only 65,536 possible transaction IDs. Kaminsky realized that hackers could exploit the lack of entropy by bombarding a resolver with off-path responses that included each possible ID. Once the resolver received a response with the correct ID, it would accept the malicious IP and store the result in cache so that everyone else using the same resolver would also be sent to the same malicious server.
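From the resolver operator's side, the flood described above shows up as many responses for one in-flight query that carry the wrong transaction ID. The following detection sketch is an added example, not code from the article or from any resolver; the event tuple format, the `.test` names, the function names and the threshold of 50 are assumptions made for illustration.

```python
from collections import defaultdict

TXID_SPACE = 2 ** 16  # 65,536 possible transaction IDs, as stated above


def guess_hit_probability(distinct_guesses, id_space=TXID_SPACE):
    """Chance that a set of distinct guessed IDs contains the one in flight."""
    return min(distinct_guesses, id_space) / id_space


def detect_txid_guessing(events, threshold=50):
    """Flag names whose in-flight query drew >= threshold wrong-ID responses.

    events: iterable of (kind, qname, txid); kind "Q" is a query the resolver
    sent upstream, kind "R" is a response that arrived for that name.
    """
    in_flight = {}                 # qname -> txid the resolver is waiting for
    wrong = defaultdict(int)       # qname -> responses with a non-matching ID
    accepted_after = {}            # qname -> wrong-ID count when a match arrived
    for kind, qname, txid in events:
        if kind == "Q":
            in_flight[qname] = txid
            wrong[qname] = 0
        elif kind == "R" and qname in in_flight:
            if txid == in_flight[qname]:
                accepted_after[qname] = wrong[qname]
                del in_flight[qname]   # query closed; later responses ignored
            else:
                wrong[qname] += 1
    return {
        q: {"wrong_ids": n,
            "match_accepted_during_flood": accepted_after.get(q, 0) >= threshold}
        for q, n in wrong.items() if n >= threshold
    }


def sample_events():
    """Constructed events, not captured traffic."""
    events = [("Q", "www.example.test", 0x1A2B)]
    events += [("R", "www.example.test", guess) for guess in range(300)]
    events += [("R", "www.example.test", 0x1A2B)]        # a matching ID arrives
    events += [("Q", "ok.example.test", 7), ("R", "ok.example.test", 7)]
    return events


if __name__ == "__main__":
    print(detect_txid_guessing(sample_events()))
    print(f"{guess_hit_probability(300):.4%} chance that 300 guesses match")
```

A flagged name whose matching response arrived during the flood cannot be told apart from a genuine answer by ID alone, so the cached record for that name is the one to flush and re-resolve.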
