Worldwide Survey of DNS Servers Reveals Many Systems Vulnerable to Attacks

One in Four Servers Still Unpatched for the Kaminsky Vulnerability and Many More Open to Recursion

November 10, 2008; 08:35 AM

SANTA CLARA, CA--(Marketwire - November 10, 2008) - Infoblox Inc., a developer of appliances that deliver DNS and DHCP services, among others, and The Measurement Factory, experts in performance testing and protocol compliance, today announced results from the fourth-annual survey of domain name servers on the public Internet.

Top-line results indicate that despite the fact that most organizations are running recent versions of BIND and no longer using Microsoft DNS Servers for their external DNS servers, many organizations have not taken the necessary precautions to limit access to recursion or secure zone transfers. In addition, many still have not upgraded to the latest DNS software to protect against the recently discovered Kaminsky vulnerability and associated risk of DNS cache poisoning.

"Given the heightened awareness of DNS server vulnerabilities due to the recent Kaminsky discovery, it is surprising to see how many organizations are still leaving their DNS systems as potential victims of attack," commented Cricket Liu, Vice President of Architecture at Infoblox and author of O'Reilly & Associates' DNS and BIND, DNS & BIND Cookbook, and DNS on Windows Server 2003. "Even if an enterprise has gone to the trouble of patching against the Kaminsky vulnerability, there are many other aspects of configuration, like recursion and open zone transfers, that should also be secured. If not, organizations are essentially locking their door to their house, but leaving the windows wide open. Organizations clearly need to pay more attention to configurations and deployment architectures that are leaving their DNS infrastructures vulnerable to attacks and outages."
DNS servers are essential network infrastructure that map domain names (e.g., yahoo.com) to IP addresses (e.g., 66.94.234.13), directing Internet inquiries to the appropriate location. Domain name resolution conducted by these servers is required to perform any Internet-related request, whether for Web browsing, email, ecommerce, or cloud computing. Should an enterprise or organization's DNS systems become compromised by attacks, the results can be devastating, ranging from loss of a company's Web presence, inability of employees to access any outside Web services, and perhaps most damaging, redirection of Web and email traffic to bogus sites, resulting in data loss, identity theft, ecommerce fraud and more.

Following are the key 2008 DNS survey results, which are based on a sample that included 5 percent of the IPv4 address space, nearly 80 million addresses.

GOOD NEWS
-- 90% of name servers that run BIND run one of the most recent versions

BAD NEWS
-- One in four DNS servers does not perform source port randomization

MISC.
-- Usage of IPv6 name servers continues to increase from .27% to .44%;

Call to Action

Based on these statistics, there are some clear calls to action for organizations with external DNS servers. Instead of waiting until they are attacked, all organizations should assess their DNS infrastructure and immediately take the necessary steps to make them more reliable and secure. Infoblox provides a number of free, automated tools that enable organizations to test their DNS infrastructure and identify weaknesses and vulnerabilities. These tools and many other resources, as well as the complete DNS Survey results are available on the Infoblox.com Web site at: http://www.infoblox.com/library/dns_resources.cfm.

About Infoblox

Infoblox appliances deliver utility-grade core network services, including domain name resolution (DNS), IP address assignment and management (IPAM/DHCP), authentication (RADIUS) and related services. Infoblox solutions, which provide the essential "glue" between networks and applications, are used by over 2,300 organizations worldwide, including over 100 of the Fortune 500. The company is headquartered in Santa Clara, Calif., and operates in more than 30 countries. For more information, call +1.408.625.4200, email [email protected], or visit www.infoblox.com.

About The Measurement Factory

The Measurement Factory provides a variety of products and services related to Internet testing and measurement, with a current focus on DNS, HTTP, and ICAP. Most of the Factory's products are available under open-source licenses. For more information, call +1-303-938-6863, email [email protected], or visit www.measurement-factory.com.