iTWire - DNS vulnerability detailed: and much worse than expected

IT&T JOBS|Discussion forum|Releases|Technology Events|IT News for mobile|

Today on iTWire iPhone IT News Telecommunications People Our Blogs Tech Lifestyle Science Pod Casts Sustainability

Live Technology Events - Training - Forums - Summits

Technology news and Jobs

Information Technology News

DNS vulnerability detailed: and much worse than expected

DNS vulnerability detailed: and much worse than expected

E-mail

by Stuart Corner
Thursday, 07 August 2008
! Dan Kaminsky whose discovery of a way to exploit a known flaw in the domain name system three months ago precipitated a global scramble to patch affected software, has revealed full details, and the scope of problem is much greater than first thought. The details were revealed in a presentation yesterday by Kaminsky at the Black Hat conference in Las Vegas following his earlier revelation of partial details of the vulnerability. Prior to his speech it had generally been believed that the vulnerability would allow an attacker to infect a domain name server only with an incorrect IP address for otherwise unsecured communications, such as standard web page lookups and email addressing. The earlier revealed details were summed up in this vulnerability note from US-CERT. However Kaminsky has revealed that it makes supposedly secure protocols like IPSec, and https, widely used for 'secure' transaction on the net, vulnerable. The scope of the problem was neatly summed up by George Kurtz, senior vice president and general manager of McAfee's Risk and Compliance business unit who told ChannelWeb: "When you hear about cache poisoning, most people think of attackers spoofing Websites, but when you go down the trail [Kaminsky] laid out, it's about taking over IPSec VPNs, SSL certification, all automatic updates for the software, Skype." According to the Los Angeles Times report of Kaminsky's presentation he has "fired the starting gun for a race between hackers who can now take advantage of the vulnerability and the big companies who have yet to patch their systems." And while many systems have been patched to make exploitation of the vulnerability much more difficult, there remain a significant number of unpatched systems. Wired reported Kaminsky saying that more than 120 million broadband consumers were now protected by patched DNS servers, which amounts to about 42 percent of broadband internet users and that 75 percent of Fortune 500 companies had also patched, while 15 percent had tried to patch but run up against problems. Another 15 percent had done nothing to fix the hole, he said. Small enterprises would likely rely on their ISP's servers but there must be many large enterprises outside the Fortune 500 which run their own servers and the percentage of patching would likely be lower than in the Fortune 500. Meanwhile, it has been claimed that the patch issued by Apple for OS X 10.4 and 10.5 is a 'Clayton's fix that makes only a token attempt to address the problem. On Kaminsky's blog site , there is facility which end users can use to see if their domain name server has been patched. Please enable JavaScript in your browser to post your comment! Tags See All Tags Domain names Internet Security Stuart Corner Get stories like this delivered daily - FREE - subscribe now

< Next story in category		Previous story in the category >

Sponsored Releases

...Promote yourself here

Latest jobs

SAP Functional Consultant
Test Manager X 2 (M4)
Technical Support Operator (M16)
Program Director
Technical Writer (Q2)
Senior Project Manager - Construction (M15)
Contracts Manager IT
Senior Project Co-ordinator - $95K (F4)
Test Manager X 2 (M4)
SAP Functional Consultant

Visitors last 30 days
Suscribers

904,266
13,751

#1 independent technology news advertise here

Subscribe to our free e-newsletter

Today on iTWire