Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Protection against DNS cache poisoning

Integralis : 31 July, 2008  (New Product)
Integralis develops 3 step protection against DNS cache poisoning preventing hackers from circumventing security measures and redirecting browsers to malicious sites
A major new security risk, 'DNS cache poisoning', has been discovered which can reroute web browser and email traffic to fraudulent criminal servers without the security protection in place being aware of any problems. Integralis has introduced a three point solution which will provide an immediate fix to eliminate these security risks and will also address and provide long term protection.

Graham Jones, UK Managing Director at Integralis adds, "With email and browser based 'in the cloud' applications playing a major part in day-to-day business transactions, a security breach of this kind could have catastrophic business and personal implications. Identity Theft and Business Espionage are immediate threats and stolen competitive information could be sold to the highest bidder. Our three point solution puts an immediate stop to any security breaches and enables future security problems to be managed correctly".

The security vulnerability has been found in the control of the internet DNS (Domain Name System) 'translation and routing' system. The vulnerability allows a hacker to reroute information sent to across the internet, in such a way that existing security software and appliances may not detect a security problem. Once the routing has been changed the hackers can then extract any information transmitted. This can enable identity theft and major criminal activity on both a personal and business basis.

DNS Cache Poisoning - is a hacking attack technique that allows an attacker to introduce 'fake' DNS information into a caching nameserver (a computer that converts domain names into appropriate IP addresses and vice versa acting as the translation and routing interface for email servers and web browsers). The same 'poisoned' DNS information can also be held on a workstation if DNS caching is also set up at a workstation level.

Once 'poisoned' the DNS routing is changed to take legitimate URL requests and send them to a 'rogue' server, which looks and acts like the actual server. Because the link has been made via a valid nameserver existing email and web browsers could see no security issue as the nameserver is deemed 'trustworthy'.

Unlike phishing attacks where an email has an embedded link to a fake address, DNS poisoning makes the fake address appear 100% legitimate and therefore can bypasses security already in place.

The Integralis three point solution:.

1) FAST STOP - An immediate and comprehensive solution to stop the security breach is to install and configure the Infoblox DNSone security package to use the root DNS servers and only trust authoritative name servers. This will address the vulnerability for all email and internet traffic immediately. Once implemented, individual patches can be applied across the network in the knowledge that any poisoned DNS addresses will be nullified by the DNSone solution.

2) PATCH - Integralis will then work directly with security vendors to supply details of software patches available to close this security vulnerability. The patches can be applied directly by users or by Integralis. Patches will need to be applied to all network security appliances, network servers and clients which cache DNS information.

3) ASSESS - An assessment of current security protection which will enable an organisation to gain a good understanding of the information security issues they may have and to develop an action plan for long term protection to ensure they have the right controls in the right place.



DNS is responsible for translating internet addresses into technical IP addresses which are used to route web browsers and emails to the correct servers. DNS validity is checked by web email servers and browsers such as Microsoft Internet Explorer, Mozilla Firefox, Apple Safari and Opera, to ensure that the internet address being used is safe, secure and valid.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo