Web Hosting News

  Home arrow Web Hosting News arrow DNS Flaw Causes Global Panic
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

DNS Flaw Causes Global Panic
By: Michael Lowry
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 1

    Table of Contents:
  • DNS Flaw Causes Global Panic
  • Flaw Exposed
  • Patch Now!
  • What Now?

  • Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article




    DNS Flaw Causes Global Panic

    (Page 1 of 4 )

    In early 2008, Dan Kaminsky, a renowned computer security researcher, discovered a fundamental flaw in the DNS protocol. For months he worked in secret with DNS vendors trying to develop a patch that would make exploiting the flaw more difficult. It wasn't until July 8 that the patch and news of the flaw were disclosed. This article will recount the chaotic series of events that have taken place since then.

    The Domain Name System (DNS), for those who don't know, is a network of servers mainly used to translate domain names into IP addresses. This way, people don't have to worry about routing arrangements or how the machine locates an IP address; all they need to know is the domain name, which is readable and much easier to remember. The flaw that Kaminsky discovered was within the DNS itself, and made it particularly vulnerable to cache poisoning attacks.

    Cache poisoning occurs when someone maliciously tampers with the translation operations of the DNS server. An exploited server that does not ensure that DNS responses come from an authoritative source could potentially cache incorrect entries and serve them to users who request them. An attacker could just create fake entries for files on a server they control with names matching the files on the exploited server. A user could then be tricked into downloading malicious code. Or, for example, a server might route users to a site filled with spam when they try to visit devshed.com.

    Naturally, Kaminsky advised all vendors to deploy the patch to their customers. He even provided a DNS checker at the top right corner of his website so that people can check to see if the DNS server they use is vulnerable. The United States Computer Emergency Readiness Team (US-CERT) posted its own notice on the vulnerability along with a list of hardware/software vendors stating whether or not their products are affected. Things seemed to be going smoothly at first, with vendors like Microsoft, Cisco, and Internet Software Consortium (ISC) issuing patches right away.

    But we all know the Internet is a dangerous place. Sooner or later something was bound to happen that would throw a wrench into the whole operation. Kaminsky planned to wait thirty days after disclosing the vulnerability before releasing all the details. He “wanted to go public with the issue to put pressure on corporate IT staff and Internet service providers to update their DNS software, while at the same time keeping the bad guys in the dark about the precise nature of the problem.” Unfortunately, people have a hard time keeping their mouth shut.

    More Web Hosting News Articles
    More By Michael Lowry


    - FreedomPop Offering Open Wi-Fi Service
    - Go Daddy Goes to India
    - Netelligent, Savvis Add New Canadian Web Hos...
    - World IPv6 Launch Happens Today
    - IT Teams Struggle to Keep Pace with Malware
    - Lulz Security Hacks CIA, Takes Requests
    - Apple Unveils iCloud
    - Rackspace Introduces Cloud Load Balancers
    - Amazon Offers Cloud Drive, Disses Music Indu...
    - New Android.Pjapps Trojan
    - Copyright Fight over Hurt Locker Downloads I...
    - Data Reveals Many Browsers Remain Unpatched
    - PandaLabs Report - What Happens to Stolen In...
    - Safari Books Online Review
    - Hackers Targeting Human Rights Groups

    Developer Shed Affiliates


    © 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap