Alarm Sounded on Hijacking of DNS System Through DNS Cache Poisoning – Massive Fix Effort
0 (0)

The Internet Patrol - Patrolling the Internet for You
Rate this post!
 

Several industry giants and Internet security firms have been quietly collaborating to roll out an Internet-wide system of patches to block a hole in the Internet’s DNS system, which allows for DNS cache poisoning. DNS, which stands for Domain Name System, translates domain names to the actual number-based address on the Internet at which the computer for that domain resides, allowing computers to find each other, such as to visit a website.

DNS cache poisoning allows a hacker to change the data so that when your computer uses DNS to determine where the domain you want to visit is hosted, your computer is told to go to the wrong place (where an exact copy of the website you want to visit is waiting).


For example, if you want to visit a website at example.com, your computer should be told to go to the computer at IP address 1.1.1.1, but with DNS cache poisoning, instead your computer will be told to go to 2.2.2.2, where the hacker’s machine is waiting – with that exact copy of the website you wanted to visit – so that while the hacker is doing all sorts of evil things like sucking down all of your passwords and installing viruses on your computer – you’ll be none the wiser.

The DNS cache poisoning DNS vulnerability was discovered a few months ago, and companies such as Microsoft, Sun, and Cisco have been quietly but steadily working with security experts to create a fix that could be applied system-wide. That fix was released yesterday, the culmination of a first-ever industry effort which saw the leading providers of every leading computer platform involved – this was necessary because DNS is used by every computer attached to the Internet, and so every one of those computers, regardless of make or platform, has the potential to become a victim of the DNS vulnerability. As a result, explained CERT (the U.S. Computer Emergency Readiness Team), “web traffic, email, and other important network data can be redirected to systems under the attacker’s control.”

The flaw was discovered by security researcher Dan Kaminsky, who contacted the companies and fellow security researchers – his efforts culminated in the collaboration, which started with meetings hosted by Microsoft in Redmond in March.

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

“I found it completely by accident .I was looking at something that had nothing to do with security. This one issue affected not just Microsoft and Cisco, but everybody,” said Kaminsky, adding that “A lot of people really stepped up and showed how collaboration can protect customers.”

Explained Jeff Moss, founder of the Black Hat computer securit conference, “We are seeing a massive multi-vendor patch for the entire addressing scheme for the internet – the kind of a flaw that would let someone trying to go to Google.com be directed to wherever an attacker wanted.”

Most personal computers will receive the fix and can be protected simply by going through the automatic update process (Microsoft, for example, released the fix for Windows computers through their automatic update process yesterday).

 

Said Kaminsky, “People should be concerned but they should not be panicking. We have bought you as much time as possible to test and apply the patch. Something of this scale has not happened before.”

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Rate this post!
 

One thought on “Alarm Sounded on Hijacking of DNS System Through DNS Cache Poisoning – Massive Fix Effort
0 (0)

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.