Available from BrightTools, Activeworx Security Center includes new features for meeting SOX and HIPAA compliance requirements, improved tools for forensic investigation, and much more.

Top Security News

Mac OS X Security
Mac and Linux users aren't used to turning on the news and hearing about security threats that affect us.

IE 7 Getting Some Props From Security Expert
Security expert Bruce Schneier is liking IE 7.

7 Security Updates Next Tuesday
Microsoft has announced seven patches coming next week's Patch Tuesday, according to Bink.

Microsoft Won’t Release Virus Fix In Time
Microsoft has said that it won't release an updated version of its Malicious Software Removal Tool until February 14, as was always scheduled, even though that version will contain a fix for the Kama Sutra/Blackworm/MyWife virus, which is set to delete Office documents on February 3

No Free AntiVirus For Vista
Microsoft has said that it will not provide free antivirus protection for Windows Vista, but instead sell it as a subscription service through Windows OneCare.

03.22.06


DNS Attack Threat May Be Overstated

By David A. Utter

The simplicity of how attackers can turn thousands of domain name servers against a target not only boggles the mind but constitutes a tremendous threat to Internet resources; however, the vulnerability may be more a matter of poorly configured machines.

Some may consider the MSNBC report on DNS and its role in attacks to overstate the problem. In looking at Bob Sullivan's assessment of the issue, it appears some work needs to be done to safeguard sites from criminal misuse of the DNS system.

Sullivan likens the attack to the prank of phoning in a fake pizza delivery order to someone's house. Person A asks Business B to deliver to Person C, which it does. Online, it is called a spoof attack.

Local domain name servers are the ones being used to facilitate these attacks. Sullivan noted how DNS traffic tends to be trusted by sites, and shutting down a site's access to other sites because of the DNS traffic coming from it punishes users at that site without solving the problem.

So far, it sounds like the obvious solution is to unplug one's computer, switch from direct deposit at work to receiving one's paycheck in gold coins, and wait patiently for the apocalypse.

Maybe not.

Commenters on Sullivan's story pointed out that the attacks he referenced hit DNS machines using BIND. Poorly configured systems using BIND offer the opportunity for exploitation as Sullivan reported. However, BIND can be hardened to withstand these types of attacks.

Sullivan interviewed Paul Vixie, the creator of BIND for the article. A commenter named Karl Denninger took Vixie to task for the whole issue:

There are technological fixes available for the DNS issues. Vixie and his group (ISC) are the AUTHORS and MAINTAINERS of that code. Indeed, 90% of what he's complaining about is addressed with fixes already in there - but which are turned off BY DEFAULT. WHY Paul? WHY?
If you're reading this, administering BIND, and haven't hardened the installation, this may be a good time to start.

About the Author:
David is a staff writer for EnterpriseSecurityNews covering cyber security.
AboutEnterpriseSecurityNews
Security news and updates for your enterprise

EnterpriseSecurityNews is brought to you by:

SecurityConfig.com NetworkingFiles.com
NetworkNewz.com WebProASP.com
DatabaseProNews.com SQLProNews.com
ITcertificationNews.com SysAdminNews.com
LinuxProNews.com WirelessProNews.com
CProgrammingTrends.com ITmanagementNews.com


-- EnterpriseSecurityNews is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2006 iEntry, Inc. All Rights Reserved Privacy Policy  Legal

archives | advertising info | news headlines | free newsletters | comments/feedback | submit article
Enterprise Security News News Archives About Us Feedback EnterpriseSecurityNews Home Page About Article Archive News Downloads WebProWorld Forums Jayde iEntry Advertise Contact