Saturday November 22, 2008 7:34 AM AEST
Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
Latest Comments
"when i login to face book it tells me i am cookies enabled what does this mean"
on Ads on Facebook serving up adware
by celeste | Nov 21, 2008 5:15 PM
 
"Hi this is the mail I received Brett Karpman show details Nov 17 (3 days ago) Reply Atten..."
on Yahoo and Microsoft take aim at lottery scams
by Rodney Churchyard | Nov 20, 2008 6:13 PM
 
"security through obscurity...shows how detached HIPAA is from reality."
on Privacy breaches causing business instability
by priceOfFishInChina | Nov 20, 2008 1:19 PM
 
"Umm. no. The 6.5 product is mounting the offline VM image and performing a scan for patch ..."
on Shavlik Technologies to broaden its patch management offerings
by eric | Nov 20, 2008 8:15 AM
 
"it's great i tried it"
on McAfee offers free trial of security appliance
by divyacharan | Nov 20, 2008 12:24 AM
Web

DNS flaw causes security scramble

  • Email a Friend
  • Print Page
Related Articles
By Clement James
Aug 1, 2008 9:54 AM | 1 Comment
Tags: DNS | flaw | Web | Internet |
The well-publicised vulnerability in the DNS system, which can lead to DNS cache poisoning, has got security firms scrambling to provide protection.

Security service provider Integralis introduced a three-point system this week which it claims provides an immediate fix to eliminate the security risks and provide long-term protection.

The vulnerability allows a hacker to reroute information sent across the internet in such a way that existing security software and appliances may not detect a problem.

Once the routing has been changed the hackers can then extract any information transmitted. This can enable identity theft and major criminal activity on a personal and business basis.

DNS cache poisoning allows an attacker to introduce 'fake' DNS information into a caching name server.

Once 'poisoned' the DNS routing is changed to take legitimate URL requests and send them to a 'rogue' server which looks and acts like the actual server.

"Email and browser-based 'in the cloud' applications play a major part in day-to-day business transactions, so a security breach of this kind could have catastrophic business and personal implications," said Graham Jones, UK managing director at Integralis.

"Identity theft and business espionage are immediate threats, and stolen competitive information could be sold to the highest bidder."

Integralis explained that the quickest way to stop the security breach is to install a product that will use the root DNS servers and only trust authoritative name servers, thereby addressing the vulnerability for all email and internet traffic.

The second step is to work directly with security vendors to supply details of software patches available to close the security vulnerability.

Finally, an assessment of current security protection should be performed to help an organisation gain a good understanding of the information security issues it may have.

Copyright © 2008 vnunet.com

 
Ads by Google
Thoughts on this article? Add a comment below.
Comments: 1
The flaw has always been there, thank God it was finally discovered. Read my article : http://net-insider.blogspot.com/2008/07/dns-flaw-what-you-should-know-about.html
SC Magazine - comments icon Posted by HarounAug 1, 2008 6:26 PM
Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Tripwire - Click here to win an iTouch
 
 
 
Vulnerabilities & Exploits Whitepapers
 
Popular Tags
000 browser cache credentials disclosure dns ebay flaw insecure internet kaminsky microsoft pirated poisoning public security servers threats vulnerability web