News
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
More than half of Internet name servers today allow requests that leave networks vulnerable to cache poisoning and distributed denial of service attacks -- a fact that has not improved over the past year.
The finding is part of the third annual survey of the Internet's domain name servers released this week by The Measurement Factory, which conducted the survey for DNS management appliance maker Infoblox. The survey is based on a sample that included 5% of the IPv4 address space -- nearly 80 million devices -- and works to reveal configuration errors that compromise network security and availability.
DNS servers are an oft-neglected but essential part of the infrastructure that map domain names, such as www.networkworld.com into an IP address like 65.214.57.165. If DNS doesn't work, then it appears the network is down. DNS servers perform domain name resolution to fulfill Internet requests, and in turn, when DNS fails so does e-mail, Web access and more.
Filed under bad news, more than 50% of Internet name servers "allow recursive queries," which is unchanged from 2006, and such queries require a name server to relay requests to other name servers. That action leaves many name servers vulnerable to pharming attacks, according to Infoblox, which can also enable those servers to be used in DNS amplification attacks.
"Even with the growing adoption of more secure DNS systems, compromises to these systems are still occurring and organizations need to pay more attention to configurations and deployment architectures that are leaving their DNS infrastructures vulnerable to attacks and outages," said Cricket Liu, vice president of architecture at Infoblox.
More bad news comes in the form of DNS servers allowing "zone transfers to arbitrary requestors" grew 2% in 2007 to 31%. Allowing such transfers can enable duplication of an entire segment of DNS data from one server to another and make the system susceptible to a DDoS attack. The study also found that 75% of those surveyed machines remain misconfigured, which can cause service outages.
Yet the survey revealed some positive findings as well. According to the results, BIND 9 usage grew from 4% in 2007 to 65%, which indicates more enterprise companies are putting the most recent and secure version of the open-source domain name server software in place. At the same time, BIND 8 usage decreased by 5.6%. And the findings indicate that usage of Microsoft DNS Server has decreased consistently over time. In 2005, 10% of DNS servers surveyed used Microsoft; in 2006 5% used it; and in 2007, about 2.7% had Microsoft DNS Server in place.
"For the overall security of the Internet, it is good to see movement aware from Microsoft DNS Servers for external DNS as well as a growing trend to use the most recent versions of BIND, which are more secure," Liu said.
Computerworld Member Login
Realise Your VMware Vision: Storage Consolidation and Virtualization for Small to Medium Businesses
10:30 - 11am (EST, Sydney, Australia)
Wednesday, 4th June 2008
Screening live at your PC
Join Computerworld and our expert speakers:
- Jean-Marc Annonier, Research Manager, IT Spending, IDC
- Howard Porter, SMB Channels Manager, VMware
- Clive Gold, Product Marketing Manager Australia/New Zealand, EMC Corporation
to learn about the various virtualization technologies available today and what factors are driving it in small to medium businesses. Discover use cases and technologies that allow successful virtualization and storage consolidation for a more flexible IT infrastructure.
- +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future. - +
Data Management Edition #9: Data centre makeover 24/04/2008 07:43:06
This week CW Live looks at the death of the old style data centre which is undergoing its first makeover in more than 30 years. - +
IT Security Edition #9: Inside the bug trade. 16/04/2008 09:08:12
This week guidelines are released for the mandatory reporting of security breaches and we go inside the black market bug trade.
F-Secure Represented On The International Advisory Board IMPACT 2008-05-16 13:42:00+10
Quantum announces General Availability of Industry's First Solution Designed to Match De-Duplication Functionality to Specific B 2008-05-16 10:44:00+10
Hansen Technologies Extends Contract With Tokyo Electric Power Company 2008-05-16 09:44:00+10
More Than 140 Higher Education Institutions Worldwide Use RightNow on Demand CRM 2008-05-15 18:06:00+10
DST International Names Rob Gould as Director of Business Development and Strategy for Australia 2008-05-15 15:40:00+10
SOA Governance: Rule your SOA
SOA Governance is no side issue, but rather the key factor to overall SOA and business success! Effective SOA Governance supports your IT organization, aligns business and IT, and provides the foundation for compliance management.
