DNS Survey Finds Widespread Vulnerability | eWeek

DNS Survey Finds Widespread Vulnerability

Écrit par
Michael Myser
Michael Myser
Oct 25, 2005
2 minute read
eWeek Le contenu et les recommandations de produits sont indépendants de la rédaction. Nous pouvons gagner de l'argent lorsque vous cliquez sur des liens vers nos partenaires. En savoir plus

In a security survey of some 1.3 million DNS servers, an Internet measurement firm found that as many as 84 percent of those servers could be susceptible to pharming attacks.

The vulnerabilities come about mainly because the DNS (Domain Name System) servers tested were enabled to provide unrestricted recursive name services, which relay information about the name sever to “arbitrary queriers on the Internet.”

According to appliance vendor Infoblox Inc., which sponsored the survey by The Measurement Factory, this oversight alone can open up the servers to cache poisoning and DoS (denial of service) attacks, as well as pharming attacks, which redirect users to fake Web sites.

“Simply offering recursion does not alone make it possible to poison your cache, but youre at significantly higher risk,” said Cricket Liu, vice president of architecture at Infoblox. “Frankly, I wasnt expecting these numbers to be so high. I guess my view was skewed.”

The Boulder, Colo.-based Measurement Factory, in querying some 17 percent of the roughly 7.5 million globally known authoritative DNS servers on the Internet, also found that in more than 40 percent of DNS servers, the software used to complete domain name resolution is out of date and likely insecure.

Forty percent of servers also allow zone transfers, which copy sections of DNS data from server to server, to unknown requestors. Once that information is given, the server can be vulnerable to DoS attacks.

“The number of servers allowing zone transfers was bad, but not as dramatically awful as the recursion numbers,” said Liu.

/zimages/4/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis InternetsSecurity IT Hub.

DNS servers translate domain names like “eWEEK.com” into IP addresses, in order to direct users to appropriate Web locations.

Infoblox calls DNS servers “essential network infrastructure,” and warns that failure of an enterprise DNS server would halt all Internet activities of that organization.

“Without those name servers available, people cant send e-mail, cant visit your Web site, perform business-to-business or consumer transactions, or offer customer support,” said Liu.

In order to ensure security, Infoblox recommends DNS servers be configured to respond only to a handful of known queriers.

Liu, however, said most DNS server vendors enable both recursion and zone out-of-the-box, which may make them easier to set up, but can compromise security.

Infoblox ships its appliances with both functions disabled.

Full survey results and recommendations for DNS best practices are available through the Measurement Factory and Sunnyvale, Calif.-based Infoblox, respectively.

/zimages/4/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Propriété de TechnologyAdvice. © 2026 TechnologyAdvice. Tous droits réservés

Divulgation publicitaire : Certains des produits qui apparaissent sur ce site proviennent d'entreprises dont TechnologyAdvice reçoit une compensation. Cette compensation peut influencer la façon dont les produits apparaissent sur ce site, notamment l'ordre dans lequel ils apparaissent. TechnologyAdvice n'inclut pas toutes les entreprises ou tous les types de produits disponibles sur le marché.