DNS Poisoning

security researcher Dan Kaminsky who works at security services firm IOActive, said this week at BlackHat that the time may have come for IT vendors and users to consider broad adoption of the more-permanent security protections offered by DNS Security Extensions, or DNSSEC, technology.

The cache-poisoning flaw was publicly disclosed last July and after several months was discovered by Kaminsky, who first notified IT vendors to give them time to develop a fix. When he finally detailed the vulnerability, Kaminsky said it existed at the DNS protocol level and was so ubiquitous that virtually every domain name server resolving IP addresses on the Internet was vulnerable to attack.

The flaw could be used by attackers to spoof DNS traffic, potentially enabling them to redirect Web traffic and e-mail messages to systems under their control. Other security researchers said that although the concept behind such attacks had been well understood for some time, Kaminsky demonstrated an extremely effective way in which the attacks could be carried out.

You can read more about it here.

Share