One in Four DNS Servers Unpatched for Kaminsky Security Flaw, Study Finds
Brian Prince writes on eWeek:
New research offers a peek into the state of security of domain name server security – and it’s not all pleasing to the eye.
In an annual study of domain name servers (DNS) connected to the Internet by The Measurement Factory, it was uncovered that roughly one in four DNS servers does not perform source port randomization, despite the publicity surrounding the DNS vulnerability reported by security researcher Dan Kaminsky earlier this year.
The study, which was sponsored by Infoblox, also found that more than 40 percent of Internet name servers allow recursive queries. With the study estimating 11.9 million name servers are reachable from the Internet, the percentages mean millions of name servers may be open to cache poisoning and distributed denial of service attacks.