Major DNS Flaws Leaked
One day after a security company accidentally posted details of a serious flaw in the Internet’s Domain Name System (DNS), hackers are saying that software that exploits this flaw is sure to pop up soon. This flaw apparently allows Web surfers to be spoofed, directing them to fake Web sites to gain passwords and load malware on their computers.
The flaw was discovered weeks ago by Dan Kaminsky, a security expert at IOActive, who has worked with industry leading software developers investigating Internet vulnerabilities.
A flaw in the DNS caching of incoming requests makes it susceptible to malicious misdirection of Web traffic. If a DNS serverĀ does not have an IP address for a requested domain, it asks for this information from another DNS server.
If the clueless DNS server’s cache is fooled by malicious information, the user requesting the domain of a legitimate site can be redirected to a spoofed IP address. For example, if a DNS server is fooled into directing legitimate traffic from www.yourbanksite.com to a rogue site, every user hitting the legitimate site would be redirected to the rogue site.
In a Friday morning press conference, Kaminsky said that many of the patches released by various IT vendors and security firms reacting to his bug discovery (reported by CNet News.com) are at best temporary fixes to a more pervasive problem. Kaminsky added that he would be disclosing further findings at the Black Hat security conference in Las Vegas next month.
Source: Network Security
Filed under Internet, Security