Home » 

UK ISP News Archives

 » 
Sponsored Links

Major UK ISPs Fail to Patch Exposed DNS Vulnerability

Posted: 25th Jul, 2008 By: MarkJ
UPDATE: Removed reference to BT, which patched its servers several weeks back.

Several of the UKs most prominent ISPs have failed to patch a critical Domain Name System (DNS) vulnerability in their networks, which was openly exposed for use by hackers earlier this week. The Internet's DNS is responsible for translating Internet Protocol (IP) addresses into human readable form (e.g. "87.106.71.228" becomes "ispreview.co.uk") and vica versa

Sky Broadband, The Carphone Warehouse (Opal Telecom, TalkTalk, AOL), T-Mobile, Orange and Griffin Internet were named in The Register's informal survey of ISP customers. The flaw itself was first publicly disclosed at the start of this month (original news) by security expert Dan Kaminsky, although it had been discovered several months earlier.

Exact details of how to manipulate the flaw were supposed to be kept secret while a global security update was conducted, unfortunately the patch was swiftly reverse engineered (hardly surprising) and exploit code revealed.

Kaminsky had already setup a simple DNS Checker application on his blog, which allowed ordinary surfers to detect whether or not their ISPs DNS servers were patched. Sadly the providers listed above failed this test, suggesting that their customers could now be extremely vulnerable to the exploit.

The vulnerability itself could allow hackers to redirect your browsing activity to fake webpage’s and thus make phishing attacks even easier. Typically it can take time for larger networks to deploy the update, although it's probably fair to say that time is something they no longer have the luxury of.

Those using the free OpenDNS system to replace their ISPs own primary and secondary DNS servers need not worry. If your provider is vulnerable then it may be a good interim solution: http://www.opendns.org .
Search ISP News
Search ISP Listings
Search ISP Reviews
Cheap BIG ISPs for 100Mbps+
Community Fibre UK ISP Logo
150Mbps
Gift: None
Sky Broadband UK ISP Logo
100Mbps
Gift: None
Virgin Media UK ISP Logo
Virgin Media £27.00
132Mbps
Gift: None
Plusnet UK ISP Logo
Plusnet £27.99
145Mbps
Gift: None
Zen Internet UK ISP Logo
Zen Internet £28.00 - 35.00
100Mbps
Gift: None
Large Availability | View All
Cheapest ISPs for 100Mbps+
Gigaclear UK ISP Logo
Gigaclear £17.00
200Mbps
Gift: None
Community Fibre UK ISP Logo
150Mbps
Gift: None
BeFibre UK ISP Logo
BeFibre £19.00
150Mbps
Gift: None
YouFibre UK ISP Logo
YouFibre £19.99
150Mbps
Gift: None
Hey! Broadband UK ISP Logo
150Mbps
Gift: None
Large Availability | View All
Sponsored Links
The Top 15 Category Tags
  1. FTTP (5628)
  2. BT (3541)
  3. Politics (2570)
  4. Openreach (2320)
  5. Business (2297)
  6. Building Digital UK (2261)
  7. FTTC (2051)
  8. Mobile Broadband (2006)
  9. Statistics (1807)
  10. 4G (1694)
  11. Virgin Media (1649)
  12. Ofcom Regulation (1481)
  13. Fibre Optic (1413)
  14. Wireless Internet (1407)
  15. FTTH (1382)
Sponsored

Copyright © 1999 to Present - ISPreview.co.uk - All Rights Reserved - Terms  ,  Privacy and Cookie Policy  ,  Links  ,  Website Rules