By Denise Dubie
The discovery of a major DNS flaw in mid-2008 landed the technology in
many headlines, but with economic concerns weighing on many in IT,
industry watchers worry that revamping systems and security around
domain name servers could be put on hold in 2009.
The vulnerability discovered by director of penetration testing at
IOActive Dan Kaminsky motivated numerous vendors to upgrade their
products to protect enterprise networks against cache poisoning and
other DNS attacks, such as distributed denial-of-service (DDoS). IT
directors were encouraged to upgrade their DNS systems to guard against
potential threats, but a survey by The Measurement Group revealed that
about 25% of servers had yet to be upgraded by mid-November. Now, with
the year coming to a close, DNS experts worry the projects will take a
back seat to cost-cutting measures.
"These name servers are trivially vulnerable to the Kaminsky attack.
With an effective exploit script, a hacker can insert arbitrary data
into the cache of one of these names servers in about 10 seconds," says
Cricket Liu, vice president of architecture at Infoblox.
A separate survey of 466 enterprise online customers conducted by
DNSstuff in September revealed that 9.6% hadn't patched their DNS
servers and 21.9% didn't know if they were patched. The findings show
that despite the DNS community's and several vendors' efforts, a
significant number of server administrators have yet to take action. As
for the reasons behind the lack of patches, more than 45% cited a lack
of internal resources, 30% said they were unaware of the vulnerability
and 24% reported they didn't have enough knowledge of DNS to take the
appropriate steps. DNSstuff's customer research also found that the most
common DNS issues among respondents include e-mail downtime for 69%,
DDoS attacks and cache-poisoning attacks for nearly half and spoofing
Please help InfoSecNews.org with a donation!