The best description currently appears to be here – http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html.

I originally learned about it here – http://www.securityfocus.com/columnists/477.

And, before finding the first link, checked out the CERT link (http://www.kb.cert.org/vuls/id/800113), which also has a better technical summary than the SecurityFocus article.

No Comments »