[ insider_reports_insider ]
Critical DNS Issue Threatens Internet
David Utter
Staff Writer
2008-07-18
 Insider Reports RSS Feed
No hyperbole, no joke. People familiar with a flaw in the domain name system sounded a sobering call to administrators everywhere to fix their systems.
 | | Critical DNS Issue Threatens Internet |  |
One might think it a ploy worthy of the Black Hat Conference. Reveal how a noted security researcher found a fundamental flaw in DNS with major ramifications, put him on the conference schedule, and watch the attention and attendees roll into Las Vegas.
Except, the problem is real. Dan Kaminsky is no Peter crying 'wolf', but a Roy Schneider who's spotted a massive great white shark near the beach. Like the mayor of Amity in Jaws, the Internet needs to listen.
Kaminsky will discuss the DNS flaw on July 24 via webcast. It will take place as admins around the globe work to update their systems.
Legendary BIND creator Paul Vixie has been coordinating the vendor response to the DNS flaw. He took time to respond to sniping from the security pro community about Kaminsky's work in disclosing the problem.
"Everything we thought we knew was wrong," Vixie said of contentions that DNS has always been known to be terribly insecure.
OpenDNS founder David Ulevitch told SecurityProNews the DNS flaw was the most serious vulnerability he's ever seen. Ulevitch said the attack necessary to exploit the problem will be easy to do, enabling anyone who understands the flaw to try and exploit it.
He also noted OpenDNS has been secure well before Kaminsky discovered the problem, so networks using OpenDNS for their services today will be protected from those potential attacks.
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
RSS
Archive
Contact Us
Advertise
