Tuesday, November 11, 2008

Kaminsky cache poisoning flaw

One in four public DNS servers insecure

One in four public-facing domain name system (DNS) servers on the internet are still vulnerable to the Kaminsky flaw, according to the fourth annual survey of DNS servers by network services vendor Infoblox.

The flaw allows hackers to sabotage DNS servers and send web users to sites set up to hack into their systems. Cricket Liu, architecture vice president at Infoblox, explained that the survey used the same tests as last year, but added a check on whether servers had patched against the Kaminsky flaw by performing source port randomisation.

"The number of name servers out there has increased slightly from 11.7 to 11.9 million, and firms are using more secure up-to-date versions of the Berkeley Internet Name Daemon package," he said.

Refer here to read full article.

No comments: