DNS Vulnerability Is Scary Stuff

Author(s): Mark Tauschek

Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.

In early 2008, security researcher Dan Kaminsky, Director of penetration testing at IOActive stumbled across a potentially devastating flaw in the Domain Name System (DNS) code that the Internet relies on. The vulnerability – a flaw that could allow DNS cache poisoning, man-in-the-middle attacks, and e-mail hijacking – makes it easier, than previously known DNS vulnerabilities, for hackers to change the source IP addresses that domain names are routed to. Realizing the magnitude of the flaw, Kaminsky enlisted the maintainers of Berkeley Internet Name Domain (BIND), Internet Systems Consortium (ISC) to help him convince vendors that they had to work together to both keep the vulnerability quiet and patch their software immediately.

Tags

Microsoft, security, DNS, vulnerability, Domain Name System, black hat, flaw, exploit, searchsecurity.com, techtargetr.com, metasploit, recursive DNS, authoritative DNS, DNS server, bind, Dan Kaminsky, IOActive, isc
Browse all Security

Related Content

Visit our IT Cost Optimization Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019
© Info-Tech Research Group | Terms of Use | Privacy Policy