A new article over at Tech News ( http://www.technewsworld.com/story/Where-Are-All-the-Dangerous-DNS-Exploits-Nowhere-and-Everywhere-64085.html ) tells how Dan Kaminsky, a security researcher, has many experts patching and looking for solutions to stop DNS Exploits.
For those of you who aren't in on what DNS actually is, I will explain.
Domain Name System (DNS) is how all of our domain names are sent out to us and in the end give us a web page to look at. DNS Servers capture the URL www.blogger.com that you type into your favorite browser and then it sends you to the appropriate webserver where the information for that website is located. Its pretty simple, but at its current state, experts like Dan Kaminsky are warning that its very vulnerable to web attacks. He tells how DNS Servers are constantly under attack and there is little to be done because most DNS Servers are running on older machines due to the fact that they have lower server loads than the actual host site.
The attacks happen when hackers decide to attempt and take over a DNS Server and then reroute all traffic to spoof websites that look similar and then steal those users information once they input it into the website. The other problem is that DNS Servers do not log any of the information that would help us to protect users who have been fooled.
Say, for example, that a customer went into a grocery store and used cash to buy tomatoes that had been tainted with salmonella. The grocery store could eventually learn that it had sold some bad veggies, but it couldn't necessarily figure out which customers actually bought them.
This is very disappointing if you ask me. The fact that we as users have invested our time and money into making these sites and leasing these domain names from providers and they have done little to nothing to nothing to update security. I for one am glad that it has come to light that we have been blind and ignorant for so long. I can only hope that our providers for these services get on the ball and start heading in the right direction. I would encourage you all to complain to your online banking companies and companies like ebay or paypal to light a fire under their DNS Server's to get security holes fixed. Something like this could happen to anyone.. I just hope its not me.
———————-
Products Net Xpert Supports:
Need to remove your spyware? Id Recommend: Max Spyware Detector
Posts
No comments:
Post a Comment