DNS flaw is so big it puts every network at riskAugust 7, 2008 – 7:27 AM
A recently found flaw in the internet’s addressing system is worse than first feared, so Dan Kaminsky said when speaking publicly about his discovery at the Black Hat conference in Las Vegas.
He said fixes for the flaw in the net’s Domain Name System (DNS) had focused on web browsers but it could be abused by hackers in many other ways.
“Every network is at risk,” he said. “That’s what this flaw has shown.”
DNS is the internet’s address book and helps computers translate the website names people prefer so www.neowin.net gets translated to its real address of 220.127.116.11
Mr Kaminsky discovered a way for malicious hackers to hijack DNS and re-direct people to fake pages even if they typed in the correct address for a website. In his talk Mr Kaminsky detailed 15 other ways for the flaw to be exploited.
Using the flaw hi-tech criminals or pranksters could target FTP services, mail servers, spam filters, Telnet and the Secure Socket Layer (SSL) that helps to make web-based transactions more secure.