Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Internet domain system wide open to attacks

Internet domain system wide open to attacks

by Nikola Strahija on August 5th, 2005 A large number of DNS servers are vulnerable to attacks that could lead to widespread fraud, according to Dan Kaminsky, a security researcher.


A scan conducted by Dan Kaminsky, a networking security expert, has found that hundreds of thousands of DNS servers could be vulnerable to a type of attack that routes Internet traffic to malicious websites.

Despite the danger, large numbers of servers are still configured in a way that allows the attack to take place, according to Kaminsky. In a scan of about 2.5 million DNS servers, he found that about a tenth, or 230,000, could be vulnerable.

Domain Name System (DNS) servers host a distributed database that allows the translation of domain names to IP addresses. They also route e-mail by listing each domain's mail exchange server. In a cache poisoning attack, a DNS server is compromised so that a legitimate domain name resolves to the attacker's IP address.

At least 230,000 of the servers scanned are configured to forward DNS requests to BIND8 DNS servers, according to Kaminsky. Of those, 13,000 are Windows name servers forwarding to BIND8, making them exceptionally high-risk, Kaminsky said. Another 53,000 at least are very likely to be vulnerable, he said.

The Internet Software Consortium (ISC), which distributes the widely used BIND software, specifically states that BIND4 and BIND8 aren't suitable to act as targets for name server forwarders, because of the ongoing danger of DNS cache poisoning. -There is a current, wide scale Kashpureff-style DNS cache corruption attack that depends on BIND4 and BIND8 as 'forwarders' targets, ISC stated on its Web site. -Upgrade all nameservers used as 'forwarders' to BIND9.

Kaminsky said has only been able to scan a fraction of the existing name servers so far, which he estimated at nine million.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »