Network Attacks Via DNS
Iphtashu Fitz writes "Without DNS the internet wouldn't be all that useful. Despite being a ubiquitous part of the internet, it is overlooked by many as a potential security hole. At this weekend's Defcon 12 conference in Las Vegas, security researcher Dan Kaminsky warned that DNS can open up seemingly secure networks to attack. Because most firewalls and other security devices treat DNS requests as harmless, it provides an excellent conduit for transferring covert data in and out of otherwise protected systems. At Defcon, Kaminsky demonstrated some software that allows a server to act as a communications hub using DNS. This let him transmit instant messages and even audio streams over an encrypted connection carried by spoofed DNS requests."
"Because the data looked like typical DNS traffic, it wouldn't be detected or logged by firewalls or intrusion detection systems. He also pointed out that monitoring DNS could help in other unrelated ways: because the recent MSBlast worm did lookups on windowsupdate.com, infected machines could have been detected by simply monitoring DNS server logs."
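The log-monitoring idea in the summary above, as an added example that is not part of the original story or of Kaminsky's software. It flags clients that look up a watchlisted name (the windowsupdate.com case) and, going beyond that case, clients that send many distinct high-entropy names under one parent zone, a common heuristic for DNS-carried data. The log format, sample lines, thresholds and the two-label parent-zone rule are all assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample log lines: "<timestamp> <client> <qtype> <qname>" (assumed format)
SAMPLE_LOG = """\
2004-08-02T10:00:01 10.0.0.5 A www.example.org
2004-08-02T10:00:02 10.0.0.7 A windowsupdate.com
2004-08-02T10:00:03 10.0.0.8 A WindowsUpdate.com.
2004-08-02T10:00:04 10.0.0.9 TXT mzxw6ytboi2gk3tdmvzxg2lom4qho33s.t.tunnel.example
2004-08-02T10:00:05 10.0.0.9 TXT nbswy3dpeb3w64tmmqqgc3tzebuw4idu.t.tunnel.example
2004-08-02T10:00:06 10.0.0.9 TXT orugs4zanfzsaylomvzxiidqmf4wy33b.t.tunnel.example
2004-08-02T10:00:07 10.0.0.5 A mail.example.org
malformed line
"""

def entropy(s):
    """Shannon entropy of the characters in s, in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def parse(log_text):
    """Yield (client, qname) pairs; qname is lower-cased with no trailing dot."""
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) == 4:            # skip malformed lines
            yield fields[1], fields[3].lower().rstrip(".")

def analyse(log_text, watchlist, min_unique=3, min_entropy=3.0):
    """Return (clients that queried a watchlisted name,
               (client, parent zone) pairs that look like DNS tunnelling)."""
    hits = set()
    subs = defaultdict(set)             # (client, parent) -> distinct left-hand parts
    for client, qname in parse(log_text):
        if qname in watchlist:
            hits.add(client)
        labels = qname.split(".")
        if len(labels) > 2:
            # Naive parent zone: last two labels (no public-suffix handling).
            subs[(client, ".".join(labels[-2:]))].add(".".join(labels[:-2]))
    suspects = {
        key for key, names in subs.items()
        if len(names) >= min_unique
        and sum(entropy(n) for n in names) / len(names) >= min_entropy
    }
    return hits, suspects

if __name__ == "__main__":
    print(analyse(SAMPLE_LOG, {"windowsupdate.com"}))
```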
That is should change my bookmark to http://66.35.250.150 now?
...Microsoft plans to release a security update to Windows XP which will secure the DNS hack. For all future internet usage, please enter in http://216.239.57.99. It's not a bug, it's a feature.
It would be cool if it didn't suck.
Some good people could break into the nameservers of a large ISP such as AOL and send out spoofed NS records for update.windowsupdate.com or whatever it is and deploy Linux to all Windows users.
Warning: this update may require a reboot.
That flaw in most firms' network security leaves a vulnerability that can be used by hackers to sneak intellectual property outside a company, communicate with a compromised server inside the company,
In other security news alerts, there was a major hole discovered in SSH. It turns out if a hacker installs a rogue SSH daemon on the server, he can do nefarious things with it.