On Tuesday, security researcher Dan Kaminsky of IO Active calmly explained in a conference call with security reporters how he first stumbled upon a pervasive flaw deep within the Domain Name System (DNS), a series of servers used to translate common Internet names to IP addresses. Kaminsky said he wasn't even looking for a security vulnerability. What he found, however, could explain how criminal hackers have been able to redirect DNS queries recently.
Following a security researcher's announcement of a massive, multivendor patch release, Cisco on Tuesday issued a patch for its products vulnerable to DNS cache-poisoning attacks.
In an advisory, Cisco cited its IOS software, Network Registrar, Application and Content Networking System, and Global Site Selector used in combination with Cisco Network Registrar among those directly affected by the vulnerability announcement.
Earlier Tuesday, Microsoft released its patch for the same DNS vulnerability.
A security researcher has responsibly disclosed a fundamental flaw within the Domain Name System (DNS), the addressing scheme behind the common names used on the Internet. Currently, it may be possible to guess these transaction ID values in advance and assert a malicious server as the authoritative DNS server for a popular bank or e-commerce site. The news was announced Tuesday.
Dan Kaminsky, director of penetration testing services for IO Active, found the DNS flaw earlier this year. Rather than sell the vulnerability, as some researchers have done, Kaminsky decided instead to gather the affected parties and discuss it with … Read more
Register.com is looking into the hijack of Photobucket's DNS records that redirected customers to an unrelated Web page this week.
"The Photobucket site was down for a very short time and was restored immediately when we became aware of the issue." Roni Jacobson, general counsel of Register.com, said in a statement on Thursday. "We are currently investigating the source of the problem."
On Tuesday afternoon, some Photobucket customers trying to access the site were temporarily redirected to a page that appeared to have been hacked by a Turkish group calling itself "NetDevilz.&… Read more
Secure Computing researchers have discovered a new variant of the DNSChanger Trojan in the wild that attacks routers, meaning any Web surfing computer on that network could be at risk of being redirected to a malicious Web site.
The DNSChanger Trojan changes the DNS settings to point to a host Web site address supplied by the attackers, Sven Krasser, director of data mining research at Secure Computing, said in an interview with CNET News.com on Tuesday.
"Your network is essentially reconfigured to do all the (domain) name resolutions over this malicious name server," he said.
The DNSChanger … Read more
OpenDNS provides domain names systems (DNS) support to turn your site's URLs into Web pages that people can navigate to. The process of converting a domain into a machine-readable address requires services like OpenDNS, which happens to do all of this for free. In many ways, it's the middleman of taking a domain you buy off of a domain service and hooking it up to where the data is actually hosted.
OpenDNS also lets IT admins get a very high level of control over sites and services its users are trying to access including domain blocking, whitelisting, and … Read more
Update 3:15 p.m. PDT: The headline and opening sentence have been changed to clarify that VeriSign is expanding its Project Titan initiative to strengthen and secure Net infrastructure.
On Thursday, VeriSign announced plans to increase the level of security within Project Titan, a global initiative to expand the infrastructure of the Internet to anticipate future demand brought by increased e-commerce transactions.
In its announcement, VeriSign said that it is going to spend more than the $100 million-plus initially budgeted.
One of the goals of Project Titan is to increase the overall capacity of the Internet to sustain a … Read more
Recently, in the techie Q&A column in the New York Times, someone asked about changing the password in their router. Due to space limitations, the answer by J. D. Biersdorfer was short, too short. This is what you need to know.
Every router, wired or wireless, has an internal website used to make configuration changes. Accessing this internal website requires a userid/password, something totally independent of any wireless network passwords.
Read the full story on SFGate: "Use of Rogue DNS Servers on Rise"
First though, let's consider what happens when DNS breaks. As noted previously, the DNS system translates computer names into IP addresses. So if it breaks, it may seem that your Internet connection is broken when in fact, it's fully functional. That is, from your ISP's perspective everything can be working fine, all the lights on your modem and router* can be normal, but still, you can't get to any Web sites … Read more