AOH :: ISNQ5405.HTM

DNS Cloud Security Services Arrive

DNS Cloud Security Services Arrive
DNS Cloud Security Services Arrive


http://www.darkreading.com/securityservices/security/vulnerabilities/showArticle.jhtml?articleID=220000275 

By Kelly Jackson Higgins
DarkReading
Sept 14, 2009

One of the first cloud-based secure DNS services was launched today amid 
intensified concerns over locking down vulnerable Domain Name Service 
servers.

OpenDNS, which provides a free DNS service for consumers and schools, 
now is offering a subscription-based commercial service for enterprises. 
Other vendors, such as Nominum, are considering offering secure DNS 
cloud services as well.

DNS security has gotten more attention than ever in the wake of the 
discovery of a major hole in DNS that was revealed by researcher Dan 
Kaminsky, and was later patched by several vendors. The so-called 
cache-poisoning flaw could allow an attacker to guess the transaction ID 
of a Web query and let the attacker hijack queries. Meanwhile, the 
Internet community has stepped up efforts to adopt the DNSSEC standard 
for protecting the DNS translation process from being compromised.

"One of the more troubling experiences from the DNS patching effort was 
realizing how many organizations didn't even know what DNS servers they 
were using internally. Recursive name servers tend to just 'run 
themselves,' only getting noticed when they either have to be patched, 
or when load exceeds some magic query per second level at which point 
random things start breaking everywhere," says Kaminsky, who is director 
of penetration testing for IOActive.

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org

Site design & layout copyright © 1986- CodeGods