IS avoids DNS problems
A prominent DNS researcher recently uncovered a new method of using DNS Query-ID spoofing to poison DNS caches.
This was a known problem with all DNS vendors and until now was considered unlikely due to the fact that it would take on the order of a week to correctly guess this Query-ID.
Cache poisoning allows an attacker to selectively control destination web sites for users accessing a compromised DNS.
For example, if a cache entry for Google is poisoned, a user typing in www.google.com would not get the genuine Google website but rather a site controlled by the attacker.
This is a serious problem because users believe they are going to a legitimate site and thus have no reason to suspect they are under attack.
Under such circumstances a user may be perfectly comfortable taking a survey that requests confidential personal information, again since they believe they are at a site they are familiar with and visit often.
Software updates were released by all major players in the DNS landscape on Wednesday.
“IS was notified by our software vendor at around midnight on Tuesday evening and as such were able to take quick action against the threat. All IS servers were updated to the latest secure software by midday on Wednesday the 9th of July,” Internet Solutions said.
DNS Cache poisoning discussion
Loading ...