Technology news and Jobs arrow Information Technology News arrow Nominum clobbers DNS cache poisoning vulnerability
Nominum clobbers DNS cache poisoning vulnerability E-mail
by Stuart Corner   
Friday, 29 August 2008
Internet software company, Nominum, has released a new version of its DNS server software that is claimed to offer much greater protection from the notorious DNS cache poisoning vulnerability unveiled earlier this year by security researcher Dan Kaminsky.

Featured Whitepaper

5 Best Practices for Smartphone Support
By exploiting the cache poisoning  vulnerability hackers can insert a false IP address into the cache of domain name-to IP-address references maintained by all ISPs, and many enterprise systems, redirecting a request for a genuine site to any site of their choosing.

Nominum software provides DNS  services for some 120 million broadband users around the world and it was quick off the mark to implement the initial fix for the Kaminsky vulnerability. However this fix, a technique know as UDP source port randomisation, did not address the underlying problem: it simply made exploitation several orders of magnitude harder. And in fact one researcher claims to have already cracked this protection but he was operating over a 10GBE Lan which enabled him to make many more attempts per hour than would be possible over the public Internet.

Now, according to Nominum, a new release of its Vantio caching DNS server platform "provides multi-layer intelligent defences that defeat DNS cache poisoning and other attacks, including the recently publicised Kaminsky vulnerability...[and that] far surpasses the recently released industry standard UDP source port randomisation (UDP SPR)....[and] negates the brute force advantage attackers gained with the latest DNS cache poisoning vulnerability.'

Dr Paul Mockapetris, chairman and chief scientist at Nominum and inventor of the DNS, said: "Literally one day after details of the Kaminsky cache poisoning attack were revealed, UDP source port randomisation was defeated in 10 hours by security researchers using brute-force spoofed response. Nominum's multi-layered approach eliminates the risk of a successful attack."

Key benefits claimed for the new release are that it:
- Resists and stops all forms of cache poisoning attacks;
- Defends automatically against query response spoofing and takes attackers out of loop;
- Prevents hijacking of subscriber traffic, or 'pharming" attacks;
- Identifies perpetrators and records attack attempts;
- Provides protection in enterprise and service provider networks that use network address translation (NAT), which can undermine UDP SPR;
- Reduces the chance of poisoning answers for valuable domains to zero.

Tags See All Tags


DNS  Hacker  Internet  Security  Stuart Corner 
Powered By Joomla Tags

Please enable JavaScript in your browser to post your comment!
 
< Next story in category   Previous story in the category >
iTWire user statistics Visitors last 30 days
 694,279
Subscribers 15,210
#1 independent technology news advertise here
  •   *  
  • Search
  • AdvSeach
  • Login
  • Events
  • FreeStuff

- Advertisement -

Featured Whitepapers

...More

Today on iTWireToday on iTWire

Latest news
Follow iTWire on Twitter

About iTWire

iTWire is all about technology news, information, jobs and community for the IT and telecommunications industry professional. Subscribe to our free ICT daily newsletter

iTWire and you

Contact , Register , Links , About iTWire , Feedback , Post your jobs , Events , iTWire site map , Start Blogging , MyBlogLog page , Advertise with iTWire , Subscribe to SMS headlines , White Papers