Previous
DNS Cache Poisoning: Definition and Prevention
White Papers This paper focuses on one of the most dangerous types of attack - DNS cache poisoning. The Internet would grind to a halt - would not be possible - without a Domain Name System (DNS). As this paper shows, the proper operation of DNS is fundamental...
[May 4, 2006, 10:17]
Microsoft issues DNS poisoning advisory
News In response to a heightened security alert, Microsoft has updated its customer advisories for protecting its server software against DNS cache poisoning attacks. The software behemoth revised its recommended settings for some Windows Server...
[April 8, 2005, 9:55]
DNS servers 'vulnerable to attack'
News DNS servers which run BIND versions lower than 9 are 'opening the door' to pharming attacks through DNS cache poisoning, The Measurement Factory claimed. DNS cache poisoning involves hacking into DNS servers and replacing the numeric addresses of...
[October 25, 2005, 17:55]
OpenID at risk due to DNS flaw, warns researcher
News You may have seen the recent announcements about DNS cache poisoning, and the potential effect of this on all kinds of internet-based applications' security," Wilton wrote in a blog post on Friday. This means that, if the underlying DNS system is...
[August 13, 2008, 15:54]
F-Secure answers .bank criticisms
News Criticisms included that the domain would do nothing against DNS cache poisoning, which involves hacking into domain name servers and replacing the numeric addresses of legitimate websites with the addresses of malicious sites.
[May 21, 2007, 12:41]
Attack code released for Kaminsky DNS flaw
News Up until now, bailiwick constraints were a security safeguard designed to stop a certain kind of DNS poisoning: RRset poisoning. Attack code has been released for a DNS flaw discovered by security researcher Dan Kaminsky.
[July 24, 2008, 15:39]
Phishers pushing spyware through DNS holes
News Known as DNS poisoning, the scheme redirects Internet users to bogus sites where they may be asked for sensitive information or have spyware installed on their PCs. The Internet Storm Centre, which represents a group of incident response...
[March 9, 2005, 8:25]
Researcher attempts to unravel Kaminsky DNS flaw
News It is possible to spoof query identifiers and use them in DNS cache poisoning. Records-referral set (RRset) poisoning involves hacking a DNS implementation to send out compromised records-referral data with legitimate records-referral data.
[July 22, 2008, 17:43]
Alarm over 'pharming' attacks review
Reviews DNS poisoning But DNS poisoning is a whole different kettle of fish (so to speak), and much more subtle than the attack described above. Rather than spamming you with email requests, pharmers work quietly in the background, 'poisoning' your local...
[February 21, 2005, 9:35]
VeriSign: Major Internet security update by 2011
News The ease with which DNS 'cache poisoning' attacks could be made was a significant factor in raising awareness for the need for DNS security. Cache poisoning in when an attacker corrupts the cache data in a DNS server, replacing a valid internet...
[November 16, 2009, 4:00]
The Anatomy of Spyware
White Papers Spyware applications that generate pop-up ads, hijack browser home pages, redirect Web searches, steal Web traffic via DNS poisoning, track Internet activity, or steal personal information pose a serious security threat to your network.
[May 16, 2006, 1:00]
DNS servers 'vulnerable to attack'
Talkback DNS poisoning, use to be an issue and use to be reported along with the virus du jor but, the problem was fixed and that is why we don't hear about DNS poisoning anymore. DNS unsafe! DNS servers 'vulnerable to attack' Get over yourself!
[October 26, 2005, 14:32]
Alarm over 'pharming' attacks
Talkback DNSSEC was designed to prevent cache poisoning attacks, but is not the end-all of security. Another solution on the horizon is DNS Security (DNSSEC). It is an extension to the DNS to include digital signatures to provide authentication and...
[February 24, 2005, 11:46]
Kaminsky reveals details and extent of DNS flaw
News In a presentation given at the Black Hat security conference in Las Vegas on Wednesday, Kaminsky gave details of how a successful DNS cache poisoning attack could be launched by taking advantage of the flaw.
[August 7, 2008, 14:46]
Half of DNS servers vulnerable to attack
News Recursion can leave DNS systems vulnerable to DNS cache poisoning and amplification attacks that can "bring down major networks", said Infoblox. The security of DNS continues to be an issue for network administrators, despite the availability of...
[November 20, 2007, 12:37]
Apple patch fails to address DNS flaw, say experts
News The current countermeasure to this DNS cache poisoning vulnerability is to introduce increased entropy by forcing randomisation of the query ID and the source port. The patch was brought out by Apple on Friday for its Tiger and Leopard operating...
[August 4, 2008, 14:17]
Hacker cracks Apple downloads
News Such techniques include DNS spoofing and DNS Cache Poisoning. One program listens for DNS queries for updates, and when it receives them replies with spoofed packets re-routing them to the attacker's computer.
[July 8, 2002, 16:27]
Icann: Coders and ISPs vital to net security
News Twomey said DNSSEC deployment would mitigate DNS cache poisoning, in which users are unwittingly redirected to fake internet sites. Icann is the US-based organisation responsible for running the domain-name system (DNS), which is the addressing...
[June 8, 2009, 17:17]
Crypto project to lock down net security
News Due to the open nature of DNS architecture, DNS cache poisoning, which allows an attacker to falsely redirect a user, has been a recurrent problem since at least 2005. The Domain Name System (DNS), the addressing system used to route information...
[June 5, 2009, 16:03]
Apple fixes downloads vulnerability
News Such techniques include DNS spoofing and DNS Cache Poisoning. One program listens for DNS queries for updates, and when it receives them replies with spoofed packets re-routing them to the attacker's computer.
[July 16, 2002, 10:23]
