Slashdot Mirror

← Back to Stories (view on slashdot.org)

DNS Cache Poisoning Spreads Malware

Posted by timothy on from the cold-hard-cache dept.

Gamma_UCF writes "As of April 4, 2005 the SANS Internet Storm Center has raised their alert level to Yellow following a rash of active DNS poisonings. The infected DNS servers are re-directing users from popular sites such as Google or American Express to malware infecting advertising sites. According to the ISC presentation on the attack, it is believed to be linked to known spammers and malware distributors. The full presentation of information up until this point can be found here."

3 of 314 comments (clear)

  1. Re:More reason to use Firefox by lowrydr310 · · Score: 1, Flamebait

    I didn't think DNS servers needed web browsers.

  2. This is a Windows DNS problem only by Peter+Cooper · · Score: 0, Flamebait

    Yet another badly written /. submission. Was this submitted by a Microsoft fanboy or something? Check out the actual report and you find that the affected servers are.. "Windows NT4 and 2000 DNS servers" and those that run "Symantec gateway products." This is about as newsworthy as "Windows XP/98/2000/whatever has yet another gaping security hole."

    This only sucks if you're using the default nameservers and are signed up with an ISP using shoddy insecure products.

  3. State the Truth by triso · · Score: 0, Flamebait

    Why don't the authors come out and say it: this is mostly a Windows' problem, again.