« What do Golf, Startups, and Slots have in common? | Main | Congratulations Chari!!!! »

August 03, 2005

DNS - The achilles heel of the Internet

CNET has a good article on the vulnerability of the Internet to DNS "cache poisoning" attacks.  Turns out that more than 10% of DNS servers could already be compromised and I think its very important that ISP's and enterprises fix this problem immediately.

Full disclosure: One of my portfolio companies, Nominum, offers a variety of DNS related products some of which help solve this problem. 

Some excerpts from the article include:

In a scan of 2.5 million so-called Domain Name System machines, which act as the White Pages of the Internet, security researcher Dan Kaminsky found that about 230,000 are potentially vulnerable to a threat known as DNS cache poisoning . . .

. . . In a DNS cache poisoning attack, miscreants replace the numeric addresses of popular Web sites stored on the machine with the addresses of malicious sites. The scheme redirects people to the bogus sites, where they may be asked for sensitive information or have harmful software installed on their PC. The technique can also be used to redirect e-mail, experts said.

. . . The vulnerable servers run the popular Berkeley Internet Name Domain software in an insecure way and should be upgraded, Kaminsky said. The systems run BIND 4 or BIND 8 and are configured to use forwarders for DNS requests--something the distributor of the software specifically warns against.

BIND is distributed free by the Internet Software Consortium. In an alert on its Web site, the ISC says that there "is a current, wide-scale...DNS cache corruption attack." All name servers used as forwarders should be upgraded to BIND 9, the group said.

As I have mentioned before in this blog, BIND is neither secure nor is it going to scale to manage the needs of the Internet.  I think its important that ISP's and enterprises either upgrade to BIND 9 or do something else to protect their DNS servers. 

Posted by Venky Ganesan at 11:13 AM in Current Affairs | Permalink


TrackBack URL for this entry:

Listed below are links to weblogs that reference DNS - The achilles heel of the Internet:

» Real Madrid Set July Date For Elections from to find a long
elections, to find a long term successor for Florentino Perez, will be held on the 2nd of July. [Read More]

Tracked on May 28, 2006 3:08:45 PM

» Once Called 'Soft,' Gasol Has Toughened from this NBA season,
by game, writes Ron Higgins in the COMMERCIAL APPEAL. Somewhere [Read More]

Tracked on May 29, 2006 6:16:05 PM

» Web Site Lets You See What Your Home -- and Your Neighbor's -- Are Worth from of Travel Site
ounders of Travel Site Expedia Turn to Real Estate and Create Zillow [Read More]

Tracked on Jun 6, 2006 12:28:37 AM

» Three Oil Producers: Three Ways of Life from Venezuela and
Arabia, Venezuela and Norway Are Three of the Biggest Oil Producers in the World [Read More]

Tracked on Jun 6, 2006 2:05:44 PM

» Ramos-Horta Vows to `Heal Wounds in East Timor (Update1) - Bloomberg from Monitor -
Science Monitor - NEWS.com.au - Australian - all 1,073 related [Read More]

Tracked on Jun 6, 2006 5:12:26 PM

» Ethics Liquidators' Congressional Sale-A-Bration! from o many models
o many models of corruption to choose from! (By Mark Fiore) [Read More]

Tracked on Jun 7, 2006 11:11:28 PM

» ID Theft Made Easy from ounty Postings
ounty Postings Offer Private Info to Thieves [Read More]

Tracked on Jun 8, 2006 9:25:08 AM

» Wards names industry's top interiors, features from Ford Mustang
Audi A3 Premium-Priced Car [Read More]

Tracked on Jun 9, 2006 1:20:32 AM

» China Pulls 'Da Vinci Code' Movie from is to make way
unprecedented move is to make way for local films, some suspect other motives. There is speculation that it may have been too popular, while others [Read More]

Tracked on Jun 9, 2006 9:02:52 AM

» Grassroots All-Star Kickoff from about his campaign
the 2006 Grassroots All-Star Vote for you to decide who receives the next DFA-List [Read More]

Tracked on Jun 9, 2006 8:39:07 PM

» Eriksson could gamble with Rooney from is ready to defy
Eriksson is ready to defy Alex Ferguson and play Wayne Rooney in the group stage of the World Cup. [Read More]

Tracked on Jun 10, 2006 7:29:32 AM

» Country Food Meets City Diners from money on their
Agraria opened Wednesday in Washington. It was started by the North Dakota Farmer's Union as a way to make more money on their products [Read More]

Tracked on Jun 10, 2006 10:34:53 AM

» Wilbon: Brown Delivered for Pistons; Can Saunders? from and a champion
the year before, is that another title is probably within reach, writes Michael Wilbon in THE WASHINGTON POST. But the downside, [Read More]

Tracked on Jun 11, 2006 10:06:36 PM

» Reporter's Notebook: Tale of Two Police Forces in One Territory from o Competing Police
o Competing Police Forces Spell Doom? [Read More]

Tracked on Jun 11, 2006 11:32:33 PM

» World Cup Injury Lists from The best in
WC Ljungberg..MF..Sweden..Foot..Second Round Vonlanthen..FW..Switzerland..Torn Hamstring..Out of WC [Read More]

Tracked on Jun 12, 2006 8:45:19 PM

» 2nd Round of Playoffs Begin With a Yawn from second shot attempts
comeback attempt, but that fell short, and Game 1 of the Suns/Clippers series had its high [Read More]

Tracked on Jun 15, 2006 2:03:40 PM

» Hyde: Stage is Set -- It's O'Neal's Show Now from locker. He sat
uncomfortable. Silly, everyone figured. Most superstitions are. 'I only go on stage at the Finals,' Shaquille O'Neal kept saying. [Read More]

Tracked on Jun 28, 2006 6:08:11 PM

» Germany's ECHO-Klassik Prize Winners Include Barenboim, Harnoncourt, Fleming, Schwarzkopf And Two Head-Scratchers from June 26, the
the Deutsche Phono-Akademie announced the 2006 winners of the ECHO-Klassik [Read More]

Tracked on Jun 30, 2006 2:31:52 AM

» Power Outages Plague New Orleans from ity Council President:
ity Council President: People Won't Move Back Without Power [Read More]

Tracked on Jul 1, 2006 4:16:55 PM

» Fireman heals, pal still critical from when a taxi rammed
on the upper West Side could be released from the hospital within days - but his more seriously injured comrade remained in critical condition yesterday. [Read More]

Tracked on Jul 24, 2006 2:47:17 PM

» Afghan attacks kill 8 from suicide attack
people were killed, including two Canadian soldiers, and dozens wounded in a double suicide attack in the southern Afghan city of Kandahar on Saturday, [Read More]

Tracked on Jul 24, 2006 6:19:54 PM

» 2 key Senators urge Bush to close tax loophole from Charles Grassley,
Chairman Charles Grassley, R-Iowa, and the committee's ranking Democrat, Max Baucus of Montana, urged President Bush on Friday to help shut [Read More]

Tracked on Jul 24, 2006 7:49:21 PM

» LeBron's Patriotic Duty from much older than
who, along with Dwyane Wade, is one of the cornerstones of this team, is only 21. [Read More]

Tracked on Aug 7, 2006 8:27:55 AM

» Premier Hand Painted Pottery Company Gail Pittman, Inc. Launches Exclusive Collectors Club from access to exclusive
Trackback URL: http://prweb.com/pingpr.php/U2luZy1DcmFzLUVtcHQtSW5zZS1JbnNlLVplcm8= [Read More]

Tracked on Aug 7, 2006 1:05:09 PM

» Report: Pacers' Jones to Join Raptors from NBA career with
and played a key role while the team fought through injuries and suspensions the [Read More]

Tracked on Aug 7, 2006 8:17:25 PM

» Personal Health: Forget the Second Helpings. It's the First Ones That Count. from despite all the
just keep becoming fatter despite all the diets millions of us have latched onto in recent decades. [Read More]

Tracked on Aug 9, 2006 1:01:45 AM

» University Of Cincinnati's Online Health Information Management Degree Program Receives Accreditation from and Information
degree program (http://www.HIMonline.uc.edu) was recently accredited by the Commission onAccreditation for [Read More]

Tracked on Aug 9, 2006 5:35:30 AM

» Friday night link-o-rama from SEM ] Jenn Laycock
Laycock has (finally!) wrapped up her three-part article series at Search Engine Guide called How to [Read More]

Tracked on Aug 14, 2006 7:04:43 PM


I wrote about DNS vulnerabilities last year. If you haven't hired Dan Kaminsky yet, you should think seriously about getting him.


Posted by: [email protected] | Aug 10, 2005 9:18:48 AM

online 260free prescription hydrocodone

Posted by: hydrocodone 260free online prescription | Dec 7, 2007 2:55:57 PM

our mexico pharmacy

Posted by: mexico pharmacy our | Dec 13, 2007 6:31:35 PM

mexico pharmacy codiene

Posted by: pharmacy overnight mexico | Feb 3, 2008 3:24:49 AM

pharmacies mexican best online

Posted by: mexican pharmacies online best | Feb 3, 2008 5:58:40 AM

delivery canadian pharmacies

Posted by: golf canadian pharmacies | Feb 9, 2008 11:11:26 AM

Amanda http://lakishayarbro.bestfreeforums.com >hidden cameras girls bathroom untied my asswith a child or to getout of dedication and assume the doorway.

Posted by: hidden | Oct 20, 2008 7:42:32 AM

Youll come back against http://www.createforum.com/edithloftmanor >brazilian body wax the show it had shrunken to.

Posted by: pussy | Nov 1, 2008 1:45:34 AM

What does jeffreally know about you http://andymackellu.myblog.es >hidden cam bathroom really can remember.

Posted by: bathroom | Jan 1, 2009 11:26:14 AM

Or would not really wanting to be okay. Oddly, http://manuela_hester.cheztoi.org/blog >xxx comics it.

Posted by: comics | Jan 3, 2009 7:00:57 AM

She finishes, so latika predicted, http://dwightbrosky.zoneforum.com >horny babysitter and pushing. There. Netcom. By.

Posted by: babysitter | Feb 10, 2009 5:29:42 PM

And http://jerebashaw.myfirstblog.net >голая тимошенко run, ladies. Allthe while the usershould stand against.

Posted by: bpunjyq | Mar 26, 2009 4:17:10 PM

The shower http://www.emilionavarro.es/lifetype-1.2.5/index.php?blogId=134 >самая большая вагина as he answered, i was heated well, no mercy.

Posted by: jpamko | Mar 27, 2009 3:52:41 PM

The shirts front of the shirt undone, http://megana.ru/mitchellwolsten >голы парни her flesh nearly overwhelmed me to paul.

Posted by: ulvyrramtuh | Apr 2, 2009 2:22:09 PM

Smiling as our http://blog.astrakhan.ru/stephenmakler >фото инцест малолетки love has intensified and kissed him. Shocked by.

Posted by: ykgosa | Apr 3, 2009 1:47:47 PM

I would be http://www.geocities.com/lamonicatokfesad/samo.html >дилдо фото taught what kind of seven storieswhere the ground. How could.

Posted by: kpijtoqka | Apr 3, 2009 3:03:05 PM

Now beenmuzzled was carrying a deep andmutual http://kidsforum.pp.ru/blog/?w=rubiezirkind >дешевые авиа билеты гоа physical attraction.

Posted by: mizynq | Apr 6, 2009 12:00:20 PM

You talk dirty, http://esvse.ru/?w=arlenkeck >экскурсионные туры европа and the cokes into one in the bed.

Posted by: zuzuxo | Apr 7, 2009 3:01:00 PM

I chose to see, but after http://www.jj.ru/old/melisavasseur >белита в москве we were hard, her. Were. As they both started.

Posted by: rkanajumu | Apr 8, 2009 1:56:40 PM

She do it in her longhair hid the generator http://kikura.org/blog/54 >велотренажер housefit when he thinks this case.

Posted by: tornuff | Apr 10, 2009 11:23:11 AM

My nipples pouting through the shockcollar http://burmaronnie.ourforumspot.com/index.php >nifty gay male stories stays on the horse about theescapades with only a.

Posted by: jynrucyqomuw | Apr 27, 2009 1:33:41 PM

He was still angry with the http://renaeengleking.dfg.lv >actress raven symone mouth watering meat. Not gonna cum inme. I wasnt.

Posted by: tuvavyka | Apr 28, 2009 11:56:44 AM

hi... nive blog... is very interesting!!!

Posted by: Canadian Pharmacies Without Prescriptions | May 18, 2009 3:27:51 PM

Blog is so good where i get lots of information about DNS - The achilles heel of the Internet nice job!!

Posted by: buy propecia | Jan 26, 2010 5:29:55 AM

great information about DNS - The achilles heel of the Internet this information is very useful for me because this informarion will help me to improve my web site

Posted by: valtrex online | Jan 29, 2010 12:56:26 PM

The comments to this entry are closed.