http://www.darkreading.com/securityservices/security/vulnerabilities/showArticle.jhtml?articleID=220000275 By Kelly Jackson Higgins DarkReading Sept 14, 2009 One of the first cloud-based secure DNS services was launched today amid intensified concerns over locking down vulnerable Domain Name Service servers. OpenDNS, which provides a free DNS service for consumers and schools, now is offering a subscription-based commercial service for enterprises. Other vendors, such as Nominum, are considering offering secure DNS cloud services as well. DNS security has gotten more attention than ever in the wake of the discovery of a major hole in DNS that was revealed by researcher Dan Kaminsky, and was later patched by several vendors. The so-called cache-poisoning flaw could allow an attacker to guess the transaction ID of a Web query and let the attacker hijack queries. Meanwhile, the Internet community has stepped up efforts to adopt the DNSSEC standard for protecting the DNS translation process from being compromised. "One of the more troubling experiences from the DNS patching effort was realizing how many organizations didn't even know what DNS servers they were using internally. Recursive name servers tend to just 'run themselves,' only getting noticed when they either have to be patched, or when load exceeds some magic query per second level at which point random things start breaking everywhere," says Kaminsky, who is director of penetration testing for IOActive. [...] ________________________________________ Did a friend send you this? From now on, be the first to find out! Subscribe to InfoSec News http://www.infosecnews.orgReceived on Mon Sep 14 2009 - 22:29:57 PDT
This archive was generated by hypermail 2.2.0 : Mon Sep 14 2009 - 22:33:59 PDT