DNS Cloud Security Services Arrive

By Kelly Jackson Higgins
Sept 14, 2009

One of the first cloud-based secure DNS services was launched today amid 
intensified concerns over locking down vulnerable Domain Name Service 

OpenDNS, which provides a free DNS service for consumers and schools, 
is now offering a subscription-based commercial service for enterprises. 
Other vendors, such as Nominum, are considering offering secure DNS 
cloud services as well.

DNS security has gotten more attention than ever in the wake of a major 
hole in DNS that was discovered by researcher Dan Kaminsky and later 
patched by several vendors. The so-called cache-poisoning flaw could 
allow an attacker to guess the transaction ID of a Web query and hijack 
queries. Meanwhile, the Internet community has stepped up efforts to 
adopt the DNSSEC standard for protecting the DNS translation process 
from being compromised.

"One of the more troubling experiences from the DNS patching effort was 
realizing how many organizations didn't even know what DNS servers they 
were using internally. Recursive name servers tend to just 'run 
themselves,' only getting noticed when they either have to be patched, 
or when load exceeds some magic query-per-second level, at which point 
random things start breaking everywhere," says Kaminsky, who is director 
of penetration testing for IOActive.


