Saturday | 11 October, 2008
Computerworld
The Internet gets a patch, as DNS bug is fixed
Security researcher Dan Kaminsky has discovered a flaw in the DNS protocol that allows attackers to spoof Internet addresses.
Robert McMillan (IDG News Service) 09/07/2008 08:34:11
Page:

Computerworld Buyer's Guide - Vendors Matched to this Article
HAL Data Services , Dimension Data , Trend Micro , GFI , SonicWALL , Secure Computing , MessageLabs , CA , 3Com
Additional Resources
Executive Guides
Whitepapers
white paper Read up on the latest ideas and technologies from companies that sell hardware, software and services.
Zones
Zone logoZones provide focussed content from Computerworld and leading technology partners.

Newsletter Subscription

Sign up for our Computerworld newsletters!
Computerworld's twice-daily news service keeps you in touch with the latest, most important headlines from Australia and around the world.
Keep up with the latest virtualisation technologies, products, news and features.
IDG's security alert service provides you with alert emails for new virus releases or security incursions of significant importance.
A weekly round-up of virus alerts, bug reports, patch releases and security news.
RSS Feeds

Makers of the software used to connect computers on the Internet collectively released software updates Tuesday to patch a serious bug in one of the Internet's underlying protocols, the Domain Name System (DNS).

The bug was discovered "by complete accident," by Dan Kaminsky, a researcher with security vendor IOActive. Kaminsky, a former employee of Cisco Systems, is already well-known for his work in networking.

By sending certain types of queries to DNS servers, the attacker could then redirect victims away from a legitimate Web site -- say, Bofa.com -- to a malicious Web site without the victim realizing it. This type of attack, known as DNS cache poisoning, doesn't affect only the Web. It could be used to redirect all Internet traffic to the hacker's servers.

The bug could be exploited "like a phishing attack without sending you e-mail," said Wolfgang Kandek, chief technical officer with security company Qualys.

Although this flaw does affect some home routers and client DNS software, it is mostly an issue for corporate users and ISPs (Internet service providers) that run the DNS servers used by PCs to find their way around the Internet, Kaminsky said. "Home users should not panic," he said in a Tuesday conference call.

After discovering the bug several months ago, Kaminsky immediately rounded up a group of about 16 security experts responsible for DNS products, who met at Microsoft on March 31 to hammer out a way to fix the problem. "I contacted the other guys and said, 'We have a problem,'" Kaminsky said. "The only way we could do this is if we had a simultaneous release across all platforms."

That massive bug-fix occurred Tuesday when several of the most widely used providers of DNS software released patches. Microsoft, Cisco, Red Hat, Sun Microsystems and the Internet Software Consortium, makers of the most widely used DNS server software, have all updated their software to address the bug.

The Internet Software Consortium's open-source BIND (Berkeley Internet Name Domain) software runs on about 80 per cent of the Internet's DNS servers. For most BIND users, the fix will be a simple upgrade, but for the estimated 15 per cent of BIND users who have not yet moved to the latest version of the software, BIND 9, things might be a little more difficult.

That's because older versions of BIND have some popular features that were changed when BIND 9 was released, according to Joao Damas, senior program manager for the Internet Software Consortium.

Kaminsky's bug has to do with the way DNS clients and servers obtain information from other DNS servers on the Internet. When the DNS software does not know the numerical IP (Internet Protocol) address of a computer, it asks another DNS server for this information. With cache poisoning, the attacker tricks the DNS software into believing that legitimate domains, such as Bofa.com, map to malicious IP addresses.

Page:
Computerworld Buyer's Guide - Vendors Matched to this Article
HAL Data Services , Dimension Data , Trend Micro , GFI , SonicWALL , Secure Computing , MessageLabs , CA , 3Com
More about Red Hat, Qualys, Microsoft, Arbor Networks, Cisco Systems, Cisco, Sun Microsystems, Internet Software Consortium
Market Place
Computerworld SOA Summit: Improve your margins and eliminate inefficiencies. Register now | 17th October 2008
CRM Webcast: Learn how to find a CRM solution that fits into your existing business environment. View now.
Uncover the security challenges faced when defining and implementing security mechanisms within wired and wireless network environments.
New white paper | Improving Sales Productivity: An Opportunity for Sales and IT Leadership | Download now
14 October 2008 Live webinar: Mashing it up with Incident Management
Webcast: How to get the best out of your network featuring expert analysts, to view now click here
21 October 2008 Live webinar: Learn how to orchestrate activities between a request management process and HP/Mercury/Quality Centre
WIN a printing technology upgrade worth $20k* with HP MFPs! >> CLICK HERE TO ENTER.

Computerworld Member Login


 
CA Knowledge Centre

Security Management

Protect your critical IT assets, achieve sustainable regulatory compliance, reduce IT administration costs and enable new business opportunities with our IT security solutions.

IT Security as a business enabler?
Download Whitepaper

CA Knowledge Centre

Success Stories


Australian Unity minimises costs and maximises productivity with single sign-on for 1,400 users
Australian Unity needed to address its business and security risks including user management and application security management. The company chose an enterprise single sign-on (ESSO) solution and discovered increased employee productivity, reduced help desk costs and elevated data protection.
Download the full Success Story


BT saves more than £15 million and improves customer services with comprehensive Identity & Access Management
To enable future growth and ensure its services remain competitive, BT needed to build closer relationships with its customers and suppliers. Discover how the company is now performing over 36 million transactions a day with their improved Identity & Access Management Solution.
Download the full Success Story


Identity & Access Management


Simplify and Secure: Managing User Identities Throughout their Lifecycles
Organisations are constantly challenged to keep pace with ongoing changes to users and their roles, responsibilities and requirements. Discover how CA can help you create a unified approach for managing users identities, providing them with timely and appropriate access to applications and information.
Download Whitepaper


Simplify, Integrate and Safeguard Your Business with Secure Web Business Enablement
Modern organisations are required to aggressively expand the number and type of Web applications and services provided to customers, partners and employees. Discover how to automate, delegate and centralise your key processes and services including user administration, access policies, auditing and compliance by reading on.
Download Whitepaper


Simplify, Integrate and Secure: Providing Secure Access to Server-based Information and Resources Across Platforms
Distributed servers are a powerful asset in any company’s infrastructure. Over time, most organisations have acquired a variety of different platforms and are relying on them to house an increased amount of critical applications, processes and data. Read on to discover how you can achieve a consistently higher level of server access security across multiple platforms including virtual hosts and guest operating systems.
Download Whitepaper

Enterprise IT Buyer's Guide
Find Technology Vendors Fast
 
Find vendors by name | Find by category
Sponsored Links