Carolyn Duffy Marsan of Network World reporting: "A year has passed since security researcher Dan Kaminsky disclosed a serious flaw in the DNS that makes it possible for hackers to launch cache poisoning attacks… Experts say more has been done to bolster the security of the DNS in the past 12 months than in the previous decade, thanks to Kaminsky's discovery. Yet, the DNS remains as vulnerable as ever to cache poisoning attacks."
Read full story: Network World
Related topics:
To post comments, please login or create an account.
There are no company postings related to this page yet. Contact us to learn more about having your company news and updates featured on CircleID. Learn More
View More
DNSSponsored byNeustar UltraDNS | |
DNS SecuritySponsored byAfilias | |
IPv6Sponsored byNominum | |
SecuritySponsored byVerisign | |
MobileSponsored bydotMobi | |
Top-Level DomainsSponsored byMinds + Machines |
Hadn't the Kaminsky bug been fixed already? That was a short-term fix, as the article says (emphasis added)
Actually, it seems easier to poison mail sites because it is much easier to guess what queries a mail server is going to issue after receiving an SMTP connection. Curiously, mail sites are not considered. In addition, mail operators already complain about bandwidth and cycles required to process the amount of DNS information intended to counter spam, such as DNSBL, SPF, DKIM, etcetera. DNSSEC is not going to make that much lighter. Curiously, DNS over SCTP is not being considered either.