Users in a Bind | eWeek

Users in a Bind

Écrit par
eWEEK EDITORS
eWEEK EDITORS
Feb 19, 2001
3 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

More users must upgrade their version of a key program underlying the Internet or risk damaging attacks by hackers that could affect systems far beyond their own, security experts warn.

“We believe this issue is among the most serious the Internet will face,” said Shawn Hernan, team leader for vulnerability handling at Carnegie Mellon Universitys Computer Emergency Response Team (CERT), which monitors problems on the Internet.

Exposure to the problem is pervasive and the hazard of not fixing it is widely underestimated, experts said. Many users havent yet taken advantage of the available upgrade.

The program is called the Berkeley Internet Name Domain. Its open source code that links a name, such as ComeToUs.com, to a numeric Internet Protocol address on a Domain Name System server, which directs users to the right place. With a few exceptions, Web sites have such a server in front of them running BIND and directing traffic. The DNS server is typically outside the corporate firewall with minimal protection and, thus, is a frequent target for hackers. Hernan said 80 percent to 90 percent of the copies of BIND in use contain one of a dozen known vulnerabilities.

Users must not view the vulnerabilities as purely a local issue, he said. “My level of security on the network depends on yours,” he noted.

But the seriousness of the situation is beneath the view of corporate managers and desktop users, who were more likely to notice last weeks attack of the Anna Kournikova virus than the fact that their DNS server went down for three minutes.

Because BIND is open source code, its functions are an open book to hackers looking for holes to exploit.

In January, anti-virus software supplier Network Associates disclosed four previously unknown BIND vulnerabilities, and CERT issued an alert Jan. 29, urging users to upgrade to the latest Version 8.2.3, which closes the holes. The new version is available from the Internet Software Consortium, which maintains BIND, at www.isc.org.

One immediate result of the alert was that Network Associates Web site was attacked two days later by hackers “upset that the vulnerabilities had been published,” said Romain Agostini, director of product management at Entercept Security Technologies, an exploit countermeasure supplier. The Network Associates site was closed down by a denial-of-service attack for 90 minutes Feb. 1.

In one sense, the malicious hackers had little to worry about. With hundreds of thousands of copies of BIND in operation, many of them would not be upgraded for weeks, months or even years, the security spokesmen said.

Many BIND users are reluctant to take their servers down to perform the upgrade, since they rely on them for around-the-clock movement of traffic to the Web site. “Many are still running a 4.x version of BIND,” an old version, noted Patricia Steadman, vice president at Incognito Software, supplier of a proprietary substitute for BIND, DNS Commander 3.0.

Others dont upgrade because they “believe they have nothing an intruder would want,” Hernan said. But gaining an account on the DNS server is sufficient motive, he noted. Distributed denial-of-service attacks, such as the one that brought down Microsofts DNS servers in January, are launched from DNS and other servers around the Internet taken over by malicious hackers.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.