Language Selection

English French German Italian Portuguese Spanish

Poisoned web poses risk to security

Filed under
Web

COMPUTER criminals are coming up with ever stealthier ways to make money. Rather than attack PCs or email inboxes, their latest trick is to subvert the very infrastructure of the internet, the domain name system (DNS) that routes all net traffic.

In doing so, they redirect internet users to bogus websites, where visitors could have their passwords and credit details stolen, be forced to download malicious software, or be directed to links to pay-per-click adverts.

This kind of attack is called DNS cache poisoning or polluting. It was first done by pranksters in the early years of the internet, but it had limited impact and security patches eliminated the problem.

Now new loopholes have opened and poisoning appears to be back. This time experts can't be sure how much damage it might do. "We see the combination of DNS poisoning with other hostile actions as having a serious impact," says Swa Frantzen, a Belgium-based volunteer member of the SANS Internet Storm Center. "I think it's going to slowly die out," says Joe Stewart of net security company Lurhq in Chicago.

Internet poisoning returned to the fore in early March, when DNS software provided by antivirus firm Symantec was found to have a bug that made poisoning possible. Weeks later, the SANS centre uncovered a second spate of poisonings, but this time it was due to a security loophole.

Companies can protect themselves by switching to BIND 9, which will not accept or pass on poisoned information. But Gerhard Eschelbeck of the internet security company Qualys in Redwood Shores, California, says the problem may not be over. "I would not rule anything out. There are other creative ways that attackers can find to poison the DNS," he says. And poisoning is a much bigger deal than it was in the early days, because hackers can now use the technique to introduce "malware" onto servers and PCs, says Frantzen.

Full Story.

More in Tux Machines

Leftovers: Software

today's howtos

Leftovers: Gaming

Leftovers: KDE

  • LUKS support in KDE Partition Manager
  • Kate 16.04 on Windows (64bit)
  • The future of KApiDox
    I’ve been working hard to enhance KApiDox. I’d like to come back on what it is for, what I did and what I see for its future.
  • Danbooru Client 0.6.0 released
    It offers a convenient, KF5 and Qt5-based GUI coupled with a QML image view to browse, view, and download images hosted in two of the most famous Danbooru boards (konachan.com and yande.re).
  • A KMail Breakthrough.
    This tells the story of how I finally managed a successful transfer of email data from KMail version 1.13.6 to version 4.11.5. It is a non-technical essay exploring the obstacles I encountered, my options, and the methods I used to achieve my aim. It was written partly to give the information, but also with the hope that readers will both enjoy and be amused by the story of the "battle of KMail" that was ultimately won against "incredible odds". Links to the earlier articles discussing problems with KMail 4x are given at the end.
  • [GSoC] Kdev-Embedded, Debugging and programming embedded systems
    The actual embedded system word depends on closed-source IDEs and libraries, with high monetary value and deprecated functionalities. Programmers that would like to use ARM based boards without paying for an IDE will have problems setting up such development ambient and synchronized toolkits. The main idea of this project is to provide a plugin integrated with KDevelop to help the debugging and programming process of embedded systems like AVR, ARM and x86 based boards.