With DNS so vital to the operation of the Internet, security threats to it need to be taken seriously. But when it comes to the recent disclosure of a multivendor DNS cache poisoning issue, who really is at risk? And will the Internet collapse if the issue isn’t fixed?Experts say that while the new DNS [...]

The security-researcher blogosphere did not acquit itself particularly well when discussing Dan Kaminsky’s news earlier this week concerning that DNS cache-poisoning attack vector.

More: continued here

Microsoft DNS patch KB951748 incompatible with Zonealarm
More: continued here Powered by SmartRSS

The seriousness of the DNS-protocol weakness disclosed Tuesday can’t be overstated, according to the system’s architect.

More: continued here

Experts are asking whether it’s time to shine a bright light on the “black art” of Domain Name System (DNS) management.”DNS is one of those topic areas that I’ve always called a black art,” said Robert Whiteley, senior analyst at Forrester Research. “It is very poorly understood, relative to how important it is.” DNS is [...]

A cache poisoning flaw that was discovered earlier this year in the Domain Name System protocol was kept under wraps while a group of vendors worked in tandem to develop software patches.

More: continued here

A DNS design flaw, which could have allowed remote attackers to silently hijack web sessions, prompted Tuesday’s release of an unprecedented multivendor patch.

More: continued here

Microsoft today released patches for nine vulnerabilities in Windows, Exchange, SQL Server and the company’s DNS server and client software.

More: continued here

The Internet Corporation for Assigned Names and Numbers (ICANN) is speaking out about a recent round of attacks perpetrated against its sites.Hackers compromised a pair of mirror sites for the company and redirected users to a page taunting ICANN and claiming ‘we control the domains.’ The attacks were attributed to Turkish hacker group NetDevilz.The attack [...]

Working closely with the German hosting company ? manitu, heise is making available with immediate effect a realtime DNS-based blacklist service for identifying weak SSL keys. The provider already runs the Realtime Blacklist for the iX spam filter NiX Spam, which enables mail servers to identify and filter spam.The principle of a DNS realtime blacklist [...]

Commercial pressures are weakening the security of the domain name system that helps route Internet traffic, according to a security expert at ICANN.

More: continued here

Supected botnet operators are using false reports that a fictitious earthquake near Beijing could disrupt the Olympic games to spread malware.Samples of the bogus alert doing the rounds, featuring subject lines such as “Million dead in Chinese quake”, link to a website on a .cn domain. This site claims a quake measured in at 9.0* [...]