Rethinking Web Browser Security

By Andrew Garcia  |  Posted 2008-07-30 Print this article Print

=DNS Dilemma}

Interestingly, much of the work being done on Web reputation systems-such as those offered by Trend Micro, McAfee and AVG-could quickly fall apart if DNS (Domain Name System) poisoning attacks gain traction in the wild, leveraging vulnerabilities such as the one recently found by security researcher Dan Kaminsky that prompted most DNS server providers to quickly issue a critical fix.  

Trend Micro Director of Web Security Business Ken Beer called DNS poisoning and infected host files "the Armageddon" because validation services base much of a Web site's reputation score on the actual domain by evaluating the name against details provided by the domain registrars.

"We are starting to ramp up to do some degree of association [between IP address range and a domain name for a given amount of time]," Beer said. "But trying to direct map from this IP address to this domain for a period of time is really like chasing your tail."

To keep DNS lookups accurate, administrators should make sure to patch their own DNS servers immediately and pressure ISPs to update their DNS servers as soon as possible. Administrators should also turn on features in their endpoint security solution or anti-virus platform that lock down the local hosts file, if that capability is an option.

Senior Analyst Andrew Garcia can be reached at


Andrew cut his teeth as a systems administrator at the University of California, learning the ins and outs of server migration, Windows desktop management, Unix and Novell administration. After a tour of duty as a team leader for PC Magazine's Labs, Andrew turned to system integration - providing network, server, and desktop consulting services for small businesses throughout the Bay Area. With eWEEK Labs since 2003, Andrew concentrates on wireless networking technologies while moonlighting with Microsoft Windows, mobile devices and management, and unified communications. He produces product reviews, technology analysis and opinion pieces for, eWEEK magazine, and the Labs' Release Notes blog. Follow Andrew on Twitter at andrewrgarcia, or reach him by email at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel