dns server

DNS cache poisoning spotted at China Netcom

Paul Mah — Fri, 22 Aug 2008 11:52:28 -0400

China Netcom (CNC), one of China's largest Internet service providers (ISP), had the cache of its primary DNS server poisoned to redirect certain common typos to a malicious site. Now, it is relatively common for mistyped domain names to be redirected by ISPs to a placeholder site with advertisements as an additional revenue source for them. In this case though, customers of this prominent ISP are forwarded to a website under the control of an attacker. According to Websense's Security Labs alert, the site is rigged with malicious iFrame code to exploit known vulnerabilities in RealPlayer, MS06-014, Flash Player and Microsoft Snapshot Viewer.

To read up more about this story:
- check out this Websense alert

DNS attacks are draining corporate IT coffers

Wed, 18 Jul 2007 20:01:38 -0400

Attacks on companies' Domain Name System (DNS) servers are causing CIOs to spend a considerable amount of time and money to deploy complex security measures to keep their sites protected from malicious attackers. And according to NetworkWorld, despite this investment, companies are still vulnerable. In a study of 465 IT and business professionals, more than half the respondents reported having fallen victim to some form of malware attack. Over a third were hit by a denial-of-service (DoS) attack, and more than 44 percent had experienced a pharming or cache-poisoning attack. External and internal DNS servers were equally vulnerable: Both types succumbed to attacks with roughly the same frequency, according to the study by Mazerov Research and Consulting. A DNS server compromised by a hacker could be used to funnel Web surfers to all sorts of phishing attacks and malicious Web sites, and in some cases could even cause havoc with directory services and email.

For more on DNS attacks:
- check out this Network World article

ALSO NOTED: CIOs on the job with Web security; New approaches to solving spam problem;

Sun, 15 Apr 2007 20:01:38 -0400

> Study: Most CIOs use content filtering and blocking software or have acceptable Web browsing policies. Article

> Innovators offer hope of curing spam. Article

> IT equipment leases dip, while software leases will rise. Article

> Cisco fixes security holes. Article

> New Storm worm outbreak blasting Internet. Article

> Dangerous DNS server bug in Longhorn code. Article

And Finally…. Are SMBs missing the open-source boat? Article

DNS hackers' newest, more powerful tool

Sun, 26 Mar 2006 19:01:38 -0500

One of the newest hacker tools is the DNS server, which cyber criminals are using to knock out online businesses and up their ante on Internet assaults. It's no small issue considering that DNS attacks are hitting big time security vendors with everyone else. VeriSign, for example, says it experienced one of the biggest system attacks ever thanks to a DNS event. And there's more than a few reasons why hackers are using the DNS approach--it's easier to hide behind, carries more ammunition and delivers a much more powerful punch than other cyber crime strategies.

For more on the DNS attack trend:
- read this article at News.com