An apple a day.......

Should keep the doctor away. Useless its an OS X install acting as a DNS server, in which case this apple a day will get you owned.

Incase you have been living on the moon and have missed the huge amounts of news stories about the serious issue discovered in every DNS implementation please read this.

It appears that Apple are one of the few major vendors who have not released a patch and according to Heise Security they haven't even issued any security alerts. I'm not an anti Apple person, I own a Macbook and an Ipod Touch but over the years they haven't been great at security and patching. Steve Jobs might be right about Microsoft lacking taste and design ideas but they sure do kick Apple's ass when it comes to patching and patch scheduling.

This DNS issue has been bubbling for a couple of weeks now until Halvar Flake figured out the problem. DYOR (Do Your Own Research) on the whole story but the issue has got much worse with the release of a metasploit module and Evilgrade which exploits this issue.

As soon as I get the chance I will give a demo of either the metasploit modules or Evilgrade, probably Evilgrade as I like the look of that!

Dave