Icann releases DNS flaw FAQ and online test tool

By on
Icann releases DNS flaw FAQ and online test tool

The Internet Corporation for Assigned Names and Numbers (ICANN) has announced the availability of an online FAQ and online tool to help raise awareness for the recently discovered hazardous DNS flaw.

The Internet Corporation for Assigned Names and Numbers (ICANN) has announced the availability of an online FAQ and online tool to help raise awareness for the recently discovered hazardous DNS flaw.

The FAQ, found here details the problem and explains why it’s critical.

The online tool, found here allows domain operators to test their domains for the vulnerability which can be used to affect the contents of their zone.

According to the ICANN advisory, the tools are to help encourage network operators and users about how best to fix or update affected servers.

“While it is not possible to fully fix this flaw, there are ways to improve resistance to it. This involves system administrators patching or reconfiguring their DNS servers,” said the advisory.

ICANN also reiterated the fact that not one organisation can implement a fix for this vulnerability due to its distributed nature. Instead, “it requires the cooperation of all name server operators and DNS software vendors.”

Adam Biviano, premium services manager at Trend Micro Australia said the DNS flaw has far reaching implications as it has the potential to affect every internet user.

He said: “No longer just following the common advice of typing an address directly into a browser can solely be relied upon. A user’s website request could still be redirected to a fake site designed to steal information,” said Biviano.

He said it also illustrates the current trend away from attacking platforms towards attacks which have far broader reach.

“No one platform is safe from this threat, from users of the typical PC to people using the web on an i-Phone or game console,” added Biviano.

Security researcher Dan Kaminsky discovered the design flaw in the fundamental DNS protocol in July.

Security vendor Marshal explained that the DNS security vulnerability makes it possible for hackers to “poison” the DNS cache, translating users’ reputable Website requests into bogus addresses for sites that could contain any manner of malicious code.

For Internet users, ICANN advised them to ensure, the DNS servers’ their computer uses to look up domains, has been patched to enable "source port randomisation".

“To check if this change has been made by ISPs uses can go to an online testing tool provided by the DNS Operations, Analysis and Research Center, found here.” stated ICANN.

“To be guarded against the vulnerability, the test result should return as "Great".
Tags:

Most Read Articles

You must be a registered member of iTnews to post a comment.
| Register

Poll

New Windows 10 users, are you upgrading from...
Windows 8
Windows 7
Windows XP
Another operating system
Windows Vista
How should the costs of Australia's piracy scheme be split?
Rights holders should foot the whole bill
50/50
ISPs should foot the whole bill
Government should chip in a bit
Other
View poll archive

Whitepapers from our sponsors

What will the stadium of the future look like?
What will the stadium of the future look like?
New technology adoption is pushing enterprise networks to breaking point
New technology adoption is pushing enterprise networks to breaking point
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
Gartner names IBM a 'Leader' for Disaster Recovery as a Service
The next era of business continuity: Are you ready for an always-on world?
The next era of business continuity: Are you ready for an always-on world?

Log In

Username:
Password:
|  Forgot your password?