Alarm Sounded on Hijacking of DNS System Through DNS Cache Poisoning - Massive Fix Effort - 1,199 Views, 1 Comment
|
Previous Article « Learn How to Play Songs with How-To Videos by the Actual Artists
Read Next Article » Employees with Mobile Work Email Can Sue for Overtime, Warn Legal Experts
Several industry giants and Internet security firms have been quietly collaborating to roll out an Internet-wide system of patches to block a hole in the Internet’s DNS system, which allows for DNS cache poisoning. DNS, which stands for Domain Name System, translates domain names to the actual number-based address on the Internet at which the computer for that domain resides, allowing computers to find each other, such as to visit a website. DNS cache poisoning allows a hacker to change the data so that when your computer uses DNS to determine where the domain you want to visit is hosted, your computer is told to go to the wrong place (where an exact copy of the website you want to visit is waiting). For example, if you want to visit a website at example.com, your computer should be told to go to the computer at IP address 1.1.1.1, but with DNS cache poisoning, instead your computer will be told to go to 2.2.2.2, where the hacker’s machine is waiting - with that exact copy of the website you wanted to visit - so that while the hacker is doing all sorts of evil things like sucking down all of your passwords and installing viruses on your computer - you’ll be none the wiser. The DNS cache poisoning DNS vulnerability was discovered a few months ago, and companies such as Microsoft, Sun, and Cisco have been quietly but steadily working with security experts to create a fix that could be applied system-wide. That fix was released yesterday, the culmination of a first-ever industry effort which saw the leading providers of every leading computer platform involved - this was necessary because DNS is used by every computer attached to the Internet, and so every one of those computers, regardless of make or platform, has the potential to become a victim of the DNS vulnerability. As a result, explained CERT (the U.S. Computer Emergency Readiness Team), “web traffic, email, and other important network data can be redirected to systems under the attacker’s control.” The flaw was discovered by security researcher Dan Kaminsky, who contacted the companies and fellow security researchers - his efforts culminated in the collaboration, which started with meetings hosted by Microsoft in Redmond in March. “I found it completely by accident .I was looking at something that had nothing to do with security. This one issue affected not just Microsoft and Cisco, but everybody,” said Kaminsky, adding that “A lot of people really stepped up and showed how collaboration can protect customers.” Explained Jeff Moss, founder of the Black Hat computer securit conference, “We are seeing a massive multi-vendor patch for the entire addressing scheme for the internet - the kind of a flaw that would let someone trying to go to Google.com be directed to wherever an attacker wanted.” Most personal computers will receive the fix and can be protected simply by going through the automatic update process (Microsoft, for example, released the fix for Windows computers through their automatic update process yesterday). Said Kaminsky, “People should be concerned but they should not be panicking. We have bought you as much time as possible to test and apply the patch. Something of this scale has not happened before.”
Follow Anne on Twitter
Friend Anne on Facebook
Alarm Sounded on Hijacking of DNS System Through DNS Cache Poisoning - Massive Fix Effort
Twitter Explained in Plain English
Previous Article « Learn How to Play Songs with How-To Videos by the Actual Artists
Read Next Article » Employees with Mobile Work Email Can Sue for Overtime, Warn Legal Experts
Read more:
» What is Pharming? DNS Poisoning and DNS Cache Poisoning Explained
» DNS Servers are Under Fire (News Release)
» Beware Modem Hijacking - NY First State to Outlaw This Act of Remote Thievery
» Facebook Pulls Plug on New TOS After Massive Backlash
For additional similar stories check out our archives on Security
NOTE: We never, ever, ever will recommend any product or service on this site that we have not regularly used ourselves and do not wholeheartedly believe in. That said, in some cases after being very pleased with a product or service, we may enter into a relationship with the provider of that product or service such that if someone purchases that product or service based on our recommendation, we may get a small payment. Such payments go towards the upkeep of the Internet Patrol.
Some people aren’t so happy about how long it took to implement this fix:
http://tinyurl.com/6rfn7k
Comment by Augie — 7/10/2008 @ 11:53 am