Home » 

UK ISP News Archives

 » 
Sponsored Links

UPD: Firms Scramble to Patch Major DNS Internet Security Flaw

Posted: 09th Jul, 2008 By: MarkJ
UPDATE: Microsoft's MS08-037 DNS patch has apparently crippled users of the popular ZoneAlarm Firewall - forum post. ZA is recommending that people uninstall the patch until it has a fix.

It's just been revealed that the Internet's Domain Name System (DNS), which is responsible for translating Internet Protocol (IP) addresses into human readable form (e.g. "87.106.71.228" becomes "ispreview.co.uk") and vica versa, has had a serious underlying security flaw for several months.

The flaw, which could allow hackers to redirect your browsing activity to fake webpage’s and thus make phishing attacks even easier, was first discovered at the start of this year by security expert Dan Kaminsky (blog):

"It's not good, this class of attack is known as cache poisoning and basically an attacker can go ahead and impersonate large chunks of the web or large chunks of the internet to a random user," warned Kaminsky.

Kaminsky subsequently began informing all of the major firms and DNS management systems about the flaw, which included Microsoft, Cisco, Sun and Bind. Since then they and Kaminsky have been working in secret to develop and rollout a multi-vendor patch to solve the problem across all platforms, which finally went live yesterday evening.

Part of the reason for all the secrecy is to avoid hackers being made aware of the fault before it could be fixed, which would have made the Internet incredibly vulnerable. Happily there have been no reported incidents of this particular flaw being exploited and precise details are likely to be kept under wraps until August.

The delay in disseminating information about the flaw is designed to give the patch some breathing room for deployment. Meanwhile the patch has also been made difficult to reverse engineer, thus hindering hackers’ ability to discover the fault before it can be fully deployed.

Internet users need not be too concerned about the problem, although people should always be vigilant. To that end, Kaminsky has made a DNS check available on his blog that allows you to test whether your connection / network may be vulnerable.
Search ISP News
Search ISP Listings
Search ISP Reviews
 Latest UK ISP News
 Cheapest Superfast Broadband ISPs
  • Hyperoptic £17.99
    Speed 33Mbps, Unlimited
    Gift: None
  • UtilityWarehouse £19.99
    Speed 35Mbps, Unlimited (FUP)
    Gift: None
  • NOW £23.00
    Speed 63Mbps, Unlimited
    Gift: None
  • Vodafone £24.00
    Speed 73 - 82Mbps, Unlimited
    Gift: None
  • Shell Energy £24.99
    Speed 38Mbps, Unlimited
    Gift: None
Large Availability | Compare More ISPs
 Cheapest Ultrafast Broadband ISPs
  • Gigaclear £17.00
    Speed: 200Mbps, Unlimited
    Gift: None
  • Zzoomm £19.95
    Speed: 150Mbps, Unlimited
    Gift: None
  • YouFibre £19.99
    Speed: 150Mbps, Unlimited
    Gift: None
  • Community Fibre £20.00
    Speed: 150Mbps, Unlimited
    Gift: None
  • BeFibre £21.00
    Speed: 150Mbps, Unlimited
    Gift: £25 Love2Shop Card
Large Availability | Compare More ISPs
Cheapest Superfast ISPs
  • Hyperoptic £17.99
    Speed 33Mbps, Unlimited
    Gift: None
  • UtilityWarehouse £19.99
    Speed 35Mbps, Unlimited (FUP)
    Gift: None
  • NOW £23.00
    Speed 63Mbps, Unlimited
    Gift: None
  • Vodafone £24.00
    Speed 73 - 82Mbps, Unlimited
    Gift: None
  • Shell Energy £24.99
    Speed 38Mbps, Unlimited
    Gift: None
Large Availability | View All
Cheapest Ultrafast ISPs
  • Gigaclear £17.00
    Speed: 200Mbps, Unlimited
    Gift: None
  • Zzoomm £19.95
    Speed: 150Mbps, Unlimited
    Gift: None
  • YouFibre £19.99
    Speed: 150Mbps, Unlimited
    Gift: None
  • Community Fibre £20.00
    Speed: 150Mbps, Unlimited
    Gift: None
  • BeFibre £21.00
    Speed: 150Mbps, Unlimited
    Gift: £25 Love2Shop Card
Large Availability | View All
Helpful ISP Guides and Tips
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
»
Sponsored Links
The Top 20 Category Tags
  1. FTTP (5399)
  2. BT (3490)
  3. Politics (2495)
  4. Openreach (2276)
  5. Business (2225)
  6. Building Digital UK (2215)
  7. FTTC (2039)
  8. Mobile Broadband (1942)
  9. Statistics (1764)
  10. 4G (1640)
  11. Virgin Media (1594)
  12. Ofcom Regulation (1438)
  13. Fibre Optic (1380)
  14. FTTH (1379)
  15. Wireless Internet (1379)
  16. 5G (1216)
  17. Vodafone (1128)
  18. EE (1112)
  19. TalkTalk (927)
  20. O2 (918)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules