08-29-2008 - Arkoon increases the protection level of his customers DNS servers with the latest FAST360 UTM appliances software update
But a few days after the public announcement of a newly discovered vulnerability of the Domain Name System (DNS), Arkoon is among the first security device providers to offer not only a reinforcement of its own line of products, but also and foremost a number of mechanisms that can help mitigate a few deficiencies in some DNS server implementations (such as ill-randomisation of the source port of a DNS request).
For more details, go to Customer Space.
CVE-2008-0166 : NON-VULNERABLE ARKOON
OpenSSL vulnerability:
A vulnerability in the Debian OpenSSL Package was recently discovered and details were released.
UTM FAST360 appliances include the OpenSSL solution to provide certification and encryption authorization functionalities.
Since this type of third-party product is integrated in UTM FAST360 appliances directly from source packages provided by the software development project team, UTM FAST360 appliances are not impacted by this vulnerability.
Nevertheless, please note that using external keys (for example, in the case of a VPN client connection) that were generated using a vulnerable system may diminish the security of your infrastructure. Therefore, we recommend regenerating these keys from an updated system or directly from the UTM FAST360 appliance.
Customer area
Security center
The security of your information system is a major concern for your business. This is why ARKOON has created a team dedicated to the processing of security alerts coming from its customers and official organisations, in order to meet its customers’ information requirements and to transmit a patch.
