Oct 6, 2008

flaw in the Internet's Domain Name System

How a recently discovered flaw in the Internet's Domain Name System makes it easy for scammers to lure you to fake Web sites.
The Domain Name System is essentially the Internet's phone book. It's a huge database containing the 32‑bit numeric codes that identify every single site on the Internet. These are known as Internet Protocol addresses, or IP addresses for short. Amazingly, this database is distributed over some 12 million computers worldwide, known as DNS name servers.

read more

DNS checker: To find out if the DNS server you use is vulnerable : http://www.doxpara.com/

The United States Computer Emergency Readiness Team (US-CERT) logs this problem in their vulnerability note : Multiple DNS implementations vulnerable to cache poisoning. They say about the impact of this flaw: 'An attacker with the ability to conduct a successful cache poisoning attack can cause a nameserver's clients to contact the incorrect, and possibly malicious, hosts for particular services. Consequently, web traffic, email, and other important network data can be redirected to systems under the attacker's control. '