Home > Computers / Software, Internet / New-Media, Money, Organisations, Opinion > Security Flaw in DNS Infrastructure

Security Flaw in DNS Infrastructure

A fundamental flaw in the Internet’s addressing system, (The DNS) necessitating a massive Internet security upgrade primarily for businesses and service providers, according to a division of the United States Department of Homeland Security. 

DNS servers translate a popular name such as Microsoft.com into its numeric IP address. There are 13 principal servers and many sub-servers located throughout the world to speed the process of IP resolution. Usually a DNS look-up query is assigned a random translation ID, but Kaminsky observed that when a vulnerable DNS server is able to perform recursive DNS queries, it was possible to guess the transaction ID and redirect the result

The problem makes it possible for computer hackers to reroute Internet traffic at will, enabling them access to sensitive and valuable information from businesses as well as individual users, such as credit-card and bank information.

The matter is more serious than a typical computer virus or hack because rather than targeting individual computers online or specific software products, it undermines the inner workings of the Internet itself, specifically the so-called domain name system, or DNS. The DNS, which acts as the Internet’s address book, makes it possible for users to connect with other computers and Web sites.

“This is the largest synchronised security upgrade in the history of the Internet,” said a statement from the Computer Security Response Team, or CERT, a division of Homeland Security. “An attacker could easily take over portions of the Internet and redirect users to arbitrary and malicious locations.

See here for the information on the Dan Kaminsky discovery

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: