Home Business IT Security Nominum clobbers DNS cache poisoning vulnerability
Internet software company, Nominum, has released a new version of its DNS server software that is claimed to offer much greater protection from the notorious DNS cache poisoning vulnerability unveiled earlier this year by security researcher Dan Kaminsky.

By exploiting the cache poisoning  vulnerability hackers can insert a false IP address into the cache of domain name-to IP-address references maintained by all ISPs, and many enterprise systems, redirecting a request for a genuine site to any site of their choosing.

Nominum software provides DNS  services for some 120 million broadband users around the world and it was quick off the mark to implement the initial fix for the Kaminsky vulnerability. However this fix, a technique know as UDP source port randomisation, did not address the underlying problem: it simply made exploitation several orders of magnitude harder. And in fact one researcher claims to have already cracked this protection but he was operating over a 10GBE Lan which enabled him to make many more attempts per hour than would be possible over the public Internet.

Now, according to Nominum, a new release of its Vantio caching DNS server platform "provides multi-layer intelligent defences that defeat DNS cache poisoning and other attacks, including the recently publicised Kaminsky vulnerability...[and that] far surpasses the recently released industry standard UDP source port randomisation (UDP SPR)....[and] negates the brute force advantage attackers gained with the latest DNS cache poisoning vulnerability.'

Dr Paul Mockapetris, chairman and chief scientist at Nominum and inventor of the DNS, said: "Literally one day after details of the Kaminsky cache poisoning attack were revealed, UDP source port randomisation was defeated in 10 hours by security researchers using brute-force spoofed response. Nominum's multi-layered approach eliminates the risk of a successful attack."

Key benefits claimed for the new release are that it:
- Resists and stops all forms of cache poisoning attacks;
- Defends automatically against query response spoofing and takes attackers out of loop;
- Prevents hijacking of subscriber traffic, or 'pharming" attacks;
- Identifies perpetrators and records attack attempts;
- Provides protection in enterprise and service provider networks that use network address translation (NAT), which can undermine UDP SPR;
- Reduces the chance of poisoning answers for valuable domains to zero.

FREE NETWORKING SERVICES CASE STUDY

As one of the world’s largest social networking services, Facebook handles a lot of user information, and requires input from an astounding range of stakeholders 24 hours a day, 7 days a week — from both inside and outside the business.

Discover how Facebook was helped to connect remote employees, vendors, consultants, and partners to applications and web services quickly and reliably - without risking sensitive data.

GET CASE STUDY!

GET THE IT BUDGET YOU WANT

Explore your Network Treasure Trove to get the IT Budget you want

With Australian businesses projected to spend over $78.7 Billion why does it feel like you can never get the budget you need?.

In most cases your budget will get approved because the proposals are not only technically correct, but also provide good, credible evidence on how the spend aligns with key business objectives.

Did you know that your Network Monitoring tool can help you build a comprehensive business case without an MBA?

HERE ARE 8 TIPS TO GET THE IT BUDGET YOU WANT.

CLICK HERE!

Stuart Corner

 

Tracking the telecoms industry since 1989, Stuart has been awarded Journalist Of The Year by the Australian Telecommunications Users Group (twice) and by the Service Providers Action Network. In 2010 he received the 'Kester' lifetime achievement award in the Consensus IT Writers Awards and was made a Lifetime Member of the Telecommunications Society of Australia. He was born in the UK, came to Australia in 1980 and has been here ever since.

Connect

 

 

 

 

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities