The vulnerability can be exploited by cache poisoning which, in very basic terms, lets the exploiter redirect traffic from legit Web sites to their illegit ones.
(There's a good technical explanation here, from Informationweek's Mike Fratto.) The size of the problem -- and the implications of that size -- are made clear both in the essentially unprecedented unity of industry response, but also in the caution (or caginess) of public statements about the vulnerability itself.
That reticence (to be kind) will be debated, discussed and blogged for awhile -- how much right do those who use the Internet have when it comes to understanding just how deeply flawed the Net's underlying organizational structure may be?
Add your two cents' worth to that debate here, there or anywhere -- the important thing right now is to get a handle on your own business's relationship to the (DNS) domain name server problem and its fixes.
If your business is running DNS servers then you and your technical team should already be on top of the situation: check with your server manufacturer for a patch and put it to work.
If, like many small and midsize businesses, you're not running your own servers, make a quick inquiry to your service provider to make sure that they have patched theirs.
As I blogged yesterday, the more you know about how your service -- and server! -- providers work and the care they take in their work, the better protected your business will be.
The bMighty Server How-To Center is here.
