DNS' Biggest Threats: You, Me, and Them.
Consider yourself a normal network manager? Cornell researchers say your public email, web sites, etc. depend on 46 domain name servers keeping everything straight... even though you control only two. And that's the good news.
An attacker doesn't even need to touch your admirably controlled nameservers to steal your business. In the October 2005 proceedings of Internet Measurement Conference, Venugopalan Ramasubramanian and Emin Gun Sirer pointed out that 30% of domain names can be hijacked by exploiting known vulnerabilities in just two of the 46 servers (due to intrazone dependencies). Compromising any nameserver in your delegation scheme, they claim, can lead to hijacking your domain name for pharming, phishing or any other ne-pharious plot.
posted by Fergie @ 11/07/2005 01:37:00 PM
0 Comments:
Post a Comment
<< Home