[ISN] Many companies still vulnerable to DNS outage

From: InfoSec News (isnat_private)
Date: Mon Oct 08 2001 - 01:09:49 PDT

  • Next message: InfoSec News: "[ISN] Linux Advisory Watch - October 5th 2001"

    http://www.infoworld.com/articles/hn/xml/01/10/04/011004hnmice.xml
    
    By Stacy Cowley 
    October 4, 2001 3:20 am PT
    
    EIGHT MONTHS AFTER a faulty router configuration led to a daylong
    blackout of many Microsoft Web sites, 25 percent of Fortune 1000
    company Web sites still have the same vulnerable DNS (Domain Name
    System) network setup that led to the Microsoft outage, according to a
    survey conducted by Icelandic DNS software maker Men & Mice.
    
    DNS servers translate domain names into numeric IP addresses. When
    those servers go down, users who type Web addresses -- such as
    Microsoft.com and Hotmail.com -- can't connect to the intended
    servers. Redundancy is key to protecting against outages; if a company
    spreads its DNS servers out across several network segments, it is
    better protected against failures such as the one that struck
    Microsoft in January.
    
    That much-publicized attack helped increase network administrators'
    awareness of DNS vulnerabilities, but too many large enterprises are
    still susceptible, said Men & Mice Chairman Jon Adalsteinsson.
    
    Shortly after the Microsoft breakdown, Men & Mice surveyed the Web
    site networks of Fortune 1000 companies and found that 38 percent of
    the companies had all their DNS servers on the same network. That
    number fell to 25 percent when the company conducted another survey in
    May, Adalsteinsson said.
    
    Last month's terrorist attacks prompted Men & Mice to conduct another
    examination.
    
    "We knew that there was a heavy dependence on the IT infrastructure in
    the aftermath of the terrorist attacks. We thought it would be good to
    check and see how this situation had improved," Adalsteinsson said.
    
    He was alarmed to find that it hadn't improved at all: 250
    multinational companies' Web sites are still at risk of virtually
    shutting down if the single network segment housing their DNS servers
    fails. Adalsteinsson declined to name which companies have vulnerable
    configurations, but said the group includes "some household names."
    
    "I guess the message is that the IT world has not learned from the
    Microsoft disaster," Adalsteinsson said. "We have corporations
    spending lots of money on putting redundancy and disaster recovery
    [tools] in place for their Web severs, but they don't seem to realize
    that without a properly redundant DNS setup, all that doesn't come
    into play."
    
    Fixing the problem isn't expensive, according to Adalsteinsson. "It
    has nothing to do with cost. The problem is simply lack of awareness,"
    he said. "The second problem is lack of know-how. Employees are not
    trained well enough on DNS [issues]. It's not a sexy technology."
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Mon Oct 08 2001 - 03:06:27 PDT