Techtree News Staff, Aug 07, 2008 1440 hrs IST
Technology vendors have launched a massive campaign to fix a DNS flaw, which could allow a form of attack called DNS cache poisoning.
As reported earlier, DNS vulnerability has been the talk of town since early July when Dan Kaminsky revealed that a flaw in the DNS software can allow a form of attack called DNS cache poisoning.
On Wednesday, at the Black Hat conference held at Las Vegas, Dan Kaminsky addressed anxious attendees and explained what the fuss is all about. He revealed that the DNS, which acts like the online version of the 411, is the component which decides and controls how and where online information gets routed. Say, you type in www.google.com and hit enter, it is the DNS that takes care of the request and opens up the web page you wanted. (For those who do not know, 411 is a local directory number widely used in the US and Canada)
What DNS cache poisoning can do is to alter the association between the domain names and IP addresses. This is an alarming scenario. A simple example would be like hitting www.google.com and the website that opens up maybe www.yahoo.com - or any other website that the hacker chooses to - as they now have control where online information gets routed. Although the example above is a tad far fetched, what can happen is that the hacker could flood a DNS server with multiple requests for similar-sounding domain names - confusing the server into querying a root server for name server/s handling lookups for these domains.
After the announcement on 8th July, Kaminsky had requested security researchers to not reveal details about the vulnerability so that affected entities could have enough time to patch . However, security researchers Halval Flake and an analyst from Matasano Security on July 21 did post details about how the flaw worked.
Kaminsky estimates that there are about 35 known and unknown ways to execute this attack. After the announcement, almost 80 technology vendors have been working overtime to fix the bug - and it seems to be working. Information Week reports that the percentage of vulnerable unique name servers that subjected themselves to self-test on Kaminsky's blog has come down from a scary 85% to about 50%. However, that still isn't enough - as even Fortune 500 companies have had issues patching the bug due to issues with NAT (Network Address Translation).
As for the bug being actually exploited by hackers, a reported incident from AT&T suggests that its Internet Services DNS cache server was altered to replace the cached entry for www.google.com with another web page that served advertisements. Although not a critical security flaw, it did highlight the dangers about the bug and that Kaminsky's concern is warranted.
For more, you may check Dan Kaminsky's blog, where your DNS server can also be subjected to a vulnerability test.
USER COMMENTS
VIEW ALL LATEST
Bharti Airtel To Enter Digital Cinema
Having made a mark with its three-screen strategy - mobile phones, IPTV and broadband - Bharti Airtel is now planning to head towards the fourth screen, namely the digital cinema. ...
LiL: India's Answer to Twitter, More
LifeinLines, a.k.a LiL, allows you to share your experiences and thoughts instantly through email, voicemail, video, SMS/MMS, and Gtalk. ...
Cloud AV: Antivirus, Cloud Computing Style
Cloud AV does not involve the installation of resource-hogging antivirus suites, and instead uses a cloud computing like approach and loads an antivirus functionality on to the network cloud. ...
Left 4 Dead: Pwning the Zombie Space
Left 4 Dead takes on zombie masterpieces like Resident Evil 4, and comes out looking good. ...
The Last Guy Out Now
The Last Guy mixes elements of the most popular cell phone game, namely Snake, adds a touch of Pac-Man to it, and provides maps of various cities across the world. ...
MOST REQUESTED REVIEWS
Software NEWS
|
Cloud AV: Antivirus, Cloud Computing StyleCloud AV does not involve the installation of resource-hogging antivirus... |
|
WGA Notifications UpdatedMicrosoft has begun deployment of the latest version of WGA Notifications for... |
|
Photoshop Now on your MobilePhotoshop.com Mobile will enable users to upload pictures taken from their phone |
Software REVIEWS
|
9 best IE addonsReviews | Software | Internet | 24 Aug 2008 There are many useful add-ons that help to alter IE to speed up, change default... |
|
Reclaim your Memory with MinimemReviews | Software | System Tools | 17 Aug 2008 Minimem is a program that can reduce the memory footprint of any application. |
|
SOS- Anti-virus Rescue Disks to the rescueReviews | Software | Anti-virus | 10 Aug 2008 These are special anti-virus disks that can be used to scan the computer... |
Software USER REVIEWS
|
Auslogics BoostSpeed 4software | Auslogics | Tue, 06 May 2008 A powerful and easy to use Windows optimization suite that really does its job... |
|
|
Morange Morangesoftware | Morange | Sat, 20 Oct 2007 great free or paid version |
|
|
tally 7.2 tally 7.2software | tally 7.2 | Wed, 02 Aug 2006 Basic accounting requirement of displaying balance after each transection... |
MOST POPULAR NEWS
MOST POPULAR REVIEWS
MOST POPULAR GAMES
MOST POPULAR DOWNLOADS
|
MiniLyrics... |
|
Sony Ericsson update| System Tools | ... |
|
Satsuki Decoder Pack| Multimedia Tools | ... |
Instaed of the simple example of diverting google to yahoo - how about diverting bank of America (say) to a site that looks just like the bank's site - but isn't - perfect for a "man in the middle" attack - it all looks totally legit to the poor user but the $ amounts in and out are spoofed and real money is diverted - that's the scarey bit
Dave | Victoria, BC | 07/08/08 08:31 PM | Report abuse Reply
Yes, let's use an analogy that we then have to explain (the 411 analogy in the article). LOL, what a terrible aritcle and what a terrible writer!
John | Omaha | 07/08/08 04:48 PM | Report abuse Reply
"...there are about 35 known and unknown ways to execute this attack." Huh? He knows the number of "unknown ways"?
wadyasay | alberta | 07/08/08 04:46 PM | Report abuse Reply
Please learn about DNS before writing about it
Woodchuck | | 07/08/08 04:22 PM | Report abuse Reply