Icann releases DNS flaw FAQ and online test tool

Powered by SC Magazine
 

The Internet Corporation for Assigned Names and Numbers (ICANN) has announced the availability of an online FAQ and online tool to help raise awareness for the recently discovered hazardous DNS flaw.

The Internet Corporation for Assigned Names and Numbers (ICANN) has announced the availability of an online FAQ and online tool to help raise awareness for the recently discovered hazardous DNS flaw.

The FAQ, found here details the problem and explains why it’s critical.

The online tool, found here allows domain operators to test their domains for the vulnerability which can be used to affect the contents of their zone.

According to the ICANN advisory, the tools are to help encourage network operators and users about how best to fix or update affected servers.

“While it is not possible to fully fix this flaw, there are ways to improve resistance to it. This involves system administrators patching or reconfiguring their DNS servers,” said the advisory.

ICANN also reiterated the fact that not one organisation can implement a fix for this vulnerability due to its distributed nature. Instead, “it requires the cooperation of all name server operators and DNS software vendors.”

Adam Biviano, premium services manager at Trend Micro Australia said the DNS flaw has far reaching implications as it has the potential to affect every internet user.

He said: “No longer just following the common advice of typing an address directly into a browser can solely be relied upon. A user’s website request could still be redirected to a fake site designed to steal information,” said Biviano.

He said it also illustrates the current trend away from attacking platforms towards attacks which have far broader reach.

“No one platform is safe from this threat, from users of the typical PC to people using the web on an i-Phone or game console,” added Biviano.

Security researcher Dan Kaminsky discovered the design flaw in the fundamental DNS protocol in July.

Security vendor Marshal explained that the DNS security vulnerability makes it possible for hackers to “poison” the DNS cache, translating users’ reputable Website requests into bogus addresses for sites that could contain any manner of malicious code.

For Internet users, ICANN advised them to ensure, the DNS servers’ their computer uses to look up domains, has been patched to enable "source port randomisation".

“To check if this change has been made by ISPs uses can go to an online testing tool provided by the DNS Operations, Analysis and Research Center, found here.” stated ICANN.

“To be guarded against the vulnerability, the test result should return as "Great".

Icann releases DNS flaw FAQ and online test tool
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 340

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  58%
 
No
  42%
TOTAL VOTES: 143

Vote