See your link here

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.

Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

Internet domain system open to fraudulent attack, expert says

Matthew Broersma Today’s Top Stories

or Other Security Stories

August 5, 2005 (TechWorld.com) -- A large number of DNS servers, a critical part of the Internet's infrastructure, are vulnerable to attacks that could lead to widespread fraud, according to a security researcher.
A scan conducted by Dan Kaminsky, a networking security expert, has found that hundreds of thousands of DNS servers could be vulnerable to a type of attack that routes Internet traffic to malicious websites.
The attack technique, known as DNS cache poisoning, came to public attention when attackers used it to redirect traffic from a large number of financial, entertainment, travel, health and software sites to attackers' servers in order to install malicious code (See DNS 'pharming' attacks target .com domain) .
Despite the danger, large numbers of servers are still configured in a way that allows the attack to take place, according to Kaminsky. In a scan of about 2.5 million DNS servers, he found that about a tenth, or 230,000, could be vulnerable.
Domain Name System (DNS) servers host a distributed database that allows the translation of domain names (e.g. name.com) to IP addresses. They also route e-mail by listing each domain's mail exchange server. In a cache poisoning attack, a DNS server is compromised so that a legitimate domain name resolves to the attacker's IP address, which can present the user with anything the attacker chooses.
Such techniques have been around for years, but the April incident demonstrated that they are not just theoretical. Nevertheless, many DNS servers have been left in the same vulnerable configurations that were exploited in April. DNS servers are run by all manner of organizations, including corporations and Internet service providers.
At least 230,000 of the servers scanned are configured to forward DNS requests to BIND8 DNS servers, according to Kaminsky. This was one of the vulnerabilities exploited in April, according to the SANS Institute, a security organization. Of those, 13,000 are Windows name servers forwarding to BIND8, making them exceptionally high risk, Kaminsky said. Another 53,000 at least are very likely to be vulnerable, he said.
The Internet Software Consortium (ISC), which distributes the widely used BIND software, specifically states that BIND4 and BIND8 aren't suitable to act as targets for name server forwarders, because of the ongoing danger of DNS cache poisoning. "There is a current, wide scale Kashpureff-style DNS cache corruption attack which depends on BIND4 and BIND8 as 'forwarders' targets," ISC stated on its Web site. "Upgrade all nameservers used as 'forwarders' to BIND9."
K aminsky said has only been able to scan a fraction of the existing name servers so far, which he estimated at 9 million.
Kaminsky published some of his findings on the Web site of hisfirm, DoxPara Research , earlier this week. He presented the findings last week at the Black Hat security conference.

Reprinted with permission from

Print this Story

Send Us Feedback

E-mail this Story

Digg this Story

Slashdot this Story

"Some Asian airlines are reporting rising losses to inflight credit card fraud because there is typically no online credit-card authorization..." Read more...

Read more Security posts or See all Blogs

	BlackBerry Storm sales should be strong, Verizon says
	Microsoft to launch IE8 in '09; RC due out in Q1
	Google shutters its Lively virtual world
	More top stories...

	Review: BlackBerry's Storm is awkward and disappointing
	Microsoft dissed Intel's 915 chip set before making 'Vista Capable' changes
	NASA sniffs out trouble with electronic nose on space station

2008 Salary Survey: IT pay takes tiny leaps

If you're like our 7,000 survey respondents, your paycheck this year has been flattened and your bonus obliterated. We offer 12 ways to plump up your paycheck.

Windows 7 in-depth review and video: This time Microsoft gets it right

Microsoft's next OS might more accurately be called Windows 6.5: It's essentially a better version of Vista.

Twitter for business: 5 ways to tap the power of the tweet

Twitter can be a valuable business tool -- if you know what you're doing. Here's how to juice it for all it's worth.

Microsoft's 'Vista Capable' changes outraged HP, insider e-mails show

By helping Intel with loosened 'Vista Capable' requirements, Microsoft 'severely damaged' its credibility, said an HP exec in a newly unsealed Feb. 2006 e-mail.

Windows 7

Get the latest news, reviews and more about Microsoft's newest desktop operating system

2008 Salary Survey

Find wage data for 50 IT job titles.

All Zones
Business Continuity Zone
The File Data Management Zone
Security Management Zone
The SAS Zone
Business Intelligence and Analytics Zone
The Enterprise Search Zone
Software as a Service Zone
The Security Zone

See your link here

Advance your BlackBerry(R) solution management know-how this July

Advance your BlackBerry(R) solution management know-how this July
BlackBerry Technical Seminar, register today!

Go to the webcast

Cut Data Center Energy Costs

Get this white paper now!
(Source: Liebert) Cooling accounts for 35% of data center energy consumption. Discover strategies that can reduce cooling energy costs by as much as 40%, including simple steps you can take to get more from your existing cooling system and emerging technologies that can increase cooling capacity and data center density.

Download this white paper

Computerworld Executive Briefing: Automating Network Management

Download this Executive Briefing now (a $195.00 value), compliments of ProCurve Networking by HP.
(Source: Computerworld) This briefing looks at the basics of network management, which tend to get lost in the dizzying array of products and processes. It also examines new tools that are on the way to help IT executives deal with management in the new era of automation.Download this Executive Briefing now (a $195.00 value), compliments of ProCurve Networking by HP.

Download this executive briefing

White Papers

Read up on the latest ideas and technologies from companies that sell hardware, software and services.

	Security Trends Overview: Targeted Phishing Attack
	Enterprise Findability Without the Complexity
	Wireless LAN Virtualization: Twice the Network at Half the Cost

View more whitepapers

XenServer FREE trial
Citrix XenServer is the simplest and most effective way to virtualize and provision servers. XenServer combines comprehensive server virtualization capabilities with unparalleled scalability, performance, economics, and ease-of-use. Based on the open source Xen hypervisor, XenServer delivers fast performance, easy management, and advanced features such as live migration.

Request free trial now

Chrome a Windows killer?
Anonymous wrote: Having to be connected to use apps that are not inherently dependent upon being connected is a liability...
[read the story | have your say]

Hot topics now:

Accelerate your pursuit of perfection

For almost 80 years, Kodak has been helping banks, insurance companies, healthcare providers, government agencies and other businesses produce billions of document images. So Kodak is uniquely positioned to know and deliver–what customers want: easy-to-use scanners that output the best possible image quality.
Download this white paper now!

Steven J. Vaughan-Nichols: 64-Bit Linux Adobe Flash Player: Surprisingly good When Adobe decided it was time to provide a 64-bit Flash Player, they released it on Linux and Solaris. Wow. [more]

Keys to Microsoft application acceleration: advances in delivery systems

Simply designing a data center that only deploys more servers, more storage, and more devices significantly increases network complexity and cost. You can now ensure significantly faster access to the Microsoft applications your users depend on.

Download this whitepaper

Next Gen Load Balancing: 8 Things You Need to Handle Today's Network Traffic

Learn how you can replace your aging load balancer with a true web application delivery appliance that provides 100% availability through full Layer 7 awareness and intelligent traffic management and delivers web apps with the highest performance and security possible.

Download this white paper

Constellation Brands Case Study

Learn why a $6.5 billion international producer and marketer of alcoholic beverages chose Citrix NetScaler to increase Web app performance and ensure high availability of global intranet and public Web sites.

Download this case study

Welch's Case Study

Learn why a large US food processor chose Citrix NetScaler to securely deliver a new Oracle ERP solution to external partners and remote users. You'll learn how Welch's was able to add 250 new users without expanding their IT staff or taxing the availability of their network resources.

Download this case study

Sponsored Links

Securing the converged enterprise has become a multidimensional discipline requiring a centralized, defense-in-depth approach. Learn more with this AT&T white paper.

Defy the laws of reporting - introducing Crystal Reports(R) 2008. Discover it now.

Instant server virtualization. Free download!

See the power of the new Quad-Core AMD Opteron" processor.

Citrix NetScaler 9 - Slash server costs by 60%

Kodak i600: Easy on your operators and your bottom line. Learn more about the i600 now.

Rackspace: The True Value of a Hosting Provider

SYMANTEC IS EMAIL ARCHIVING: Enterprise Vault - Free EMAIL HEALTH CHECK

Free Trial - New Diskeeper 2008 unleashes system speed. Get maximum system performance and reliability automatically now!

Samsung Printing Solutions--control workflow, costs and operations

Learn what 389 global technology decision-makers had to say about developing service-level agreements (SLAs) and measuring service quality.

The Future is Fusion. Only from AMD. See our video to learn more.

Beyond consolidation: five reasons why you should start virtualizing

Renowned Engineering Institution Chooses AMD Processor-Based Servers

What can you do with two monitors and your laptop? See more&

Not All QSAs Are Created Equal: What You Should Know Before You Buy

The arrival of Serial Attached SCSI (SAS) marks a new era in storage scalability

The AMD Virtual Experience Virtual Trade Show

Learn about the new breed of mobile technologies and services and how to pick the right devices and software for your needs.

Learn how the new Quad-Core AMD Opteron(TM) processor improves performance

Microsoft SQL Server 2008. Read Case Studies & Try for Free.

Web Hosting UK - Cheap Windows Linux PHP MySQL ASP MSSQL Hosting in UK

HP StorageWorks products - control, consolidation and confidence.

Meru announces Wireless LAN Virtualization. Optimize RF use. Lower costs. Learn More

Save up to 64% plus 3 FREE Gifts from Omaha Steaks.

SYMANTEC IS EMAIL ARCHIVING: Enterprise Vault - Get your free white paper. Effective strategies for backup, archiving and recovery

Predict the future with HP Insight Power Manager

Reliable. Long-lived. Portable. Affordable. Energy-efficient...Tape Storage

Disk Backup and EMC: Addressing Today's Business Problems

Download Windows Server 2008 Hyper-V

How-to video: Smart steps to efficient power management

Tape vs. Disk...Which Costs More? Read "Disk and Tape TCO Square off Again"

Intercept Spam & Viruses With MessageLabs

Leverage Your Cisco infrastructure for Superior Application Performance

Learn about the AMD Virtual Experience

Introducing: Project Icebreaker

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map

CIO

Computerworld

CSO

DEMO

GamePro

Games.net

IDG Connect

IDG World Expo

Infoworld

The Industry Standard

ITworld

JavaWorld

LinuxWorld

MacUser

Macworld

Network World

PC World

Playlist

Copyright © 2008 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.

	Networking
	Computerworld Daily News (First Look and Wrap-Up)
	Computerworld Blogs Newsletter
	The Weekly Top 10