Web Hosting News

  Home arrow Web Hosting News arrow Page 4 - DNS Flaw Causes Global Panic
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
  >>> SIGN UP!  
  Lost Password? 

DNS Flaw Causes Global Panic
By: Michael Lowry
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 1

    Table of Contents:
  • DNS Flaw Causes Global Panic
  • Flaw Exposed
  • Patch Now!
  • What Now?

  • Rate this Article: Poor Best 
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article




    DNS Flaw Causes Global Panic - What Now?

    (Page 4 of 4 )

    As promised, Dan Kaminsky detailed the DNS flaw at the Black Hat security conference on August 6. It was a standing room only event, so clearly the hype surrounding the issue was at its apex. Although coverage of the flaw has been intense, Kaminsky was able to provide a few new details in a fairly thorough slideshow. The bad news is that the DNS and the Internet's infrastructure remain fundamentally vulnerable. The good news is that the entire computer industry was able to collaborate and tackle the issue. Nearly half of all broadband subscribers are now protected.

    A solution for this problem will not be easy to achieve. Kaminsky says the growth of dynamic, interactive media combines data from multiple, unsecured sources to each web page. This means that some minor content on a web page could make an entire site vulnerable. Indeed, because this flaw is within the underlying structure of the Internet, there are many ways a person's computer is vulnerable aside from cache poisoning: email services, spam filters, File Transfer Protocol (FTP), data transmission protocols like BitTorrent, Secure Socket Layer (SSL) which secures online financial transactions, and even automatic software upgrade services.

    Upgrading to DNSSEC has been proposed, but it's unlikely to  be fully deployed, at least for a while, even though it is a viable solution. Technological and political issues have slowed its implementation worldwide. DNSSEC, which has been in development for 11 years, mends the flaws in the original DNS protocol by using digital signatures to verify whether information is coming from an authentic source. Developers have recently resolved issues like its ability to scale the entire Internet and the fact that it revealed zone data. Doing so has led to its implementation on the .org TLD as well as several country-level domains.

    The one major issue that hasn't been settled yet has to do with who should own the public root encryption keys associated with any domain name. However, many countries fear the consequences of ICANN having sole access to the keys and the U.S. government having de facto control of the Internet. The fact is that a solution is out there, and if the situation is as dire as Kaminsky says it is, it's imperative that we come together to make the Internet safer for everyone, before something really catastrophic happens.

    DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.


    - FreedomPop Offering Open Wi-Fi Service
    - Go Daddy Goes to India
    - Netelligent, Savvis Add New Canadian Web Hos...
    - World IPv6 Launch Happens Today
    - IT Teams Struggle to Keep Pace with Malware
    - Lulz Security Hacks CIA, Takes Requests
    - Apple Unveils iCloud
    - Rackspace Introduces Cloud Load Balancers
    - Amazon Offers Cloud Drive, Disses Music Indu...
    - New Android.Pjapps Trojan
    - Copyright Fight over Hurt Locker Downloads I...
    - Data Reveals Many Browsers Remain Unpatched
    - PandaLabs Report - What Happens to Stolen In...
    - Safari Books Online Review
    - Hackers Targeting Human Rights Groups

    Developer Shed Affiliates


    © 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap