Despite patch by Cisco, Microsoft, others, DNS is not secure, researcher says
By Cisco Subnet on Thu, 02/19/09 - 7:30pm.
The Kaminsky Bug, a DNS cache poisoning attack, remains a threat, despite the fact that vendors such as Cisco, Sun and Microsoft joined together to release patches that temporarily fix the flaw. So said Dan Kaminsky at the Black Hat conference, reports Network World. The prominent security researcher told attendees that holes in DNS make the Internet vulnerable. DNS's problems are limiting other important, dependent security technologies as well.
He advocates DNS Security Extensions, which attempt to prevent spoofing attacks by allowing Web sites to verify their domain names and corresponding IP addresses using digital signatures and public-key encryption.
The article says:
"One roadblock to DNSSEC adoption is that it isn't easy to implement, Kaminsky admits, and calls for coordination by many parties. DNSSEC requires domain name registrars, domain name registries, ISPs and users to upgrade their software."
More from Cisco Subnet:
* Vyatta beats out Cisco, Juniper for New Mexico win
* Details of "Project California" revealed
* Largest coordinated ATM Rip-off ever nets $9+ million in 30 minutes
* Cisco adds new online questions module to CCIE lab exam
* Cisco in the home: Anonymous or poised for domination?
* OSPF puzzle: Analyzing OSPF metrics, human style
* Getting Started with the CCNA Wireless
Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, training/book giveaways, and more.
- About Cisco Subnet Blog
The Cisco Subnet blog is written by Network World managing editor Jim Duffy and is the official blog of Network World's Cisco Subnet community. The Cisco Subnet site is managed by Online Community Editor Julie Bort. Cisco Subnet is the independent voice of Cisco customers and is your gateway to daily Cisco news, blogs, opinion, books, prize giveaways and more. Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
- Archives
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- On The Web
Twitter
Sponsored Links
- Linux and Unix in Your Environment? Don’t Leave Security to Chance- Quest Software
- Securing Virtualized Data Centers - eBook - Trend Micro
- Efficiency goes up. Costs come down.- Microsoft
- SQL Server Experts: Virtually unstoppable- Microsoft
- Stay informed with custom newsletters from Tech Dispenser- Tech Dispenser
- Drive down operating expenses and mitigate risk with app centralization - Live May 12.- Juniper Networks
- The Next Generation of Content Security Has Arrived! Learn More!- Websense, Inc.
- Reduce costs by 49%, Increase capacity utilization by 33%. Make the HP LeftHand SAN work for you.- HP LeftHand SAN
- Connexion saves costs with Microsoft & Novell- Novell Microsoft
- Masters of Virtualization and Cloud Computing- Trend Micro
-
Network World, Inc
The Leader in Network Knowledge
Post new comment