In March, security researcher Dan Kaminsky stumbled across a critical bug in the Domain Name System (DNS), one that is fundamental to its design. The flaw allowed for users to be redirected to fake websites. Although the flaw cannot be fixed entirely, patches were critical to make the bug harder to exploit. Therefore, Kaminsky kept the flaw from the public to give researchers time to find patches. The news of the DNS flaw was accidentally leaked.

“This attack is very good,” he said. “This attack is being weaponised out in the field. Everyone needs to patch, please.”

DNS allows computers to find websites – they send a request and get the site location in return. The DNS helps computers understand “www.sitename.com” in numerical code, returning the approproate site to match that name. The “Kaminsky flaw” allows for an attacker to hijack the DNS to send the users to a different location. For example, it could allow phishers to redirect you from your bank’s website to a fake website in order to steal your login details. You would still be on www.sitename.com, but it would not be the real site.

Not long after the vulnerability was leaked earlier this month, exploit code appeared and unpatched DNS servers were attacked. Most DNS vendors have now released patches, although some DNS services are not affected by the exploit (most are). DNS Servers & end-users both need to be patched, and in corporate terms that could mean doing both. It is recommended that you check for updates on your computer to ensure you have all the latest patches available.

You can read more about the DNS flaw and what you need to know here. You can check if your DNS server is vulnerable here.

Via Slashdot, InformationWeek, SFGate, CNET, BBC, InfoWorld ; image: ppdigital @morguefile ; Tags: , , , , , ,

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • del.icio.us
  • Digg
  • StumbleUpon
  • Technorati