Kaminsky delivers DNS dirt

By

Security researcher Dan Kaminsky has delivered his much-anticipated report on the DNS flaw he discovered earlier this year.


Kaminsky explained to a crowd at the Blackhat conference in Las Vegas that the flaw he uncovered could be used for attacks far more complex and sinister than just phishing operations.

The researcher began his presentation with an update on the patching operation. He noted that hundreds of millions of users have been protected through updates by vendors and ISPs, and the majority of Fortune 500 companies had deployed patches for their servers as well

The vulnerability centers around the way the domain name system looks up information linking URLs to IP addresses. In short, the flaw allows an attacker to "poison" a given DNS server and redirect traffic to the malicious site.

The vulnerability has mostly been discussed for its possible use in phishing attacks. However, Kaminsky warned that it could also be used to compromise mail servers, allowing the attacker to intercept and redirect messages.

Kaminsky also admitted that the suggested solution to the problem, randomizing the source port, may not be a permanent solution. He said that the solution is more of a "stopgap" to stave off attacks until a better defense system can be developed.

He also warned that the DNS flaw could be the first of many potentially catastrophic flaws found in coming years, as more commonly used services and systems are probed for fundamental weaknesses.

"Even with DNS fixed, there are other scenarios in which unencrypted IP traffic is lost to an attacker," Kaminsky noted in the presentation.

"The attacker is capable of way more than he should be."
Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers

Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound

Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames

Log In

  |  Forgot your password?