Go Back   Vista Help Forum » Community » Watercooler
Thread Tools Display Modes
Old 07-09-2008
Trooper Trooper is offline
Agent - Level 3
Join Date: Nov 2007
Location: Australia
Posts: 603
Trooper is on a distinguished road
Default Security flaw warning for internet

Courtesy; ABC News (Australia.) www.abc.net.au/news

An internet security expert in the US says he has found a gaping hole in the World Wide Web.

The Domain Name System (DNS) translates internet addresses that people can easily understand and remember into long sequences of numbers that computers can comprehend.
Security analyst Dan Kaminsky has told a Network Security Podcast that it functions as the internet's road map.
"Send an email, where's it going to go? DNS is the one that tells you where is goes. DNS goes bad, email goes bad," he said.
Unfortunately, Mr Kaminsky now thinks this most basic of internet tools has a gaping security flaw.
"It's not good, this class of attack is known as cash poisoning and basically an attacker can go ahead and impersonate large chunks of the web or large chunks of the internet to a random user," he said.
In other words you might think you're visiting your bank, but really you're being redirected without your knowledge to an imitation site that looks virtually identical.
Of course, the site's only there to fool you into giving up your account number and password.
The DNS flaw has spurred the internet industry into action.
Mr Kaminsky approached major computer companies earlier this year about meeting in secret to come up with a solution.
He says the result was a rare occurrence of widespread industry cooperation to fix the problem, before the word got out to hackers about the security flaw.
"That's not something you normally get the opportunity to do," he said.
"So, a dirty little secret, all patches are reverse engineered to find out the exploit that they're fixing. Usually you can look right at it and say, 'Oh they weren't checking this value'.
"Well in this case we can just straight up say, 'We're taking this thing that was fixed and we're making it more random'.
"Yeah, well that's not enough to know how to actually do the attack. That's not to say that this obscurity is going to last forever.
"But we intentionally chose a solution that we felt would be the hardest to reverse engineer so that people could have as much time as possible to patch."
The chief executive of the Internet Industry Association Peter Coroneos says there are not any known incidents in Australia of hackers exploiting the flaw, but he says industry players are working to protect themselves against it.
He says internet security is always a work in progress, and hackers may eventually find their way around the fix.
Mr Coroneos likened the internet to a spaceship that is travelling further than originally intended, which is now being rebuilt mid-flight.
"So it's sort of getting built as we go and getting improved as we go," he said.
"So there's a tendency, certainly in the long-term, because the internet is so economically valuable now, because it has become an indispensable part of our lives then there is no question that the necessary efforts to shape the internet into a more secure medium are almost guaranteed."
Mr Coroneos says this particular flaw is something that home users won't be able to do much about, and will be mostly worked on by IT experts at the server level. But he says users still have a big role to play in keeping their information secure.
"Everyone has to play their part," he said. "End users certainly would be exposing themselves to risk if they're engaging in risky behaviour online - perhaps downloading files (when) they're not sure of the security or the legitimacy of them.
"Not having anti-virus and anti-spyware and firewall software in place. So everyone has to play their part."
Reply With Quote
Old 07-09-2008
cpearson's Avatar
cpearson cpearson is offline
Agent - Level 3
Join Date: Dec 2006
Posts: 281
cpearson is on a distinguished road

That very interesting, expected but interesting. The type of attack they are describing involves poisoning the DNS tables on a number of DNS servers. The system when pushes its poisoned tables to other DNS servers and thus it propagates around the world. This is very similar to a basic LAN man in the middle attack, where you poison the MAC address table on a switch or router. This funnels traffic through your box before going to its intended destination.

Hopefully industry security researchers will be able to fix this problem and avert widespread exploitation of this vulnerability.
Reply With Quote
Old 07-09-2008
Trooper Trooper is offline
Agent - Level 3
Join Date: Nov 2007
Location: Australia
Posts: 603
Trooper is on a distinguished road

Well thats the problem isn't it. For all the good guys looking to take defensive measures, there's another five bad guys looking to exploit and attack.

Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
No internet connectivity even when im connected to the internet? myesq Vista Game Forum 2 08-13-2013 07:19 AM
security center handyosprey Vista UAC 1 05-25-2008 01:46 AM
Security Status gr277 Vista Help Forum 11 02-19-2008 03:15 PM
Softeare Installation terminated without any Error/Warning SkHota Vista Help Forum 0 11-20-2007 12:20 AM
Vista Security cpearson Vista Malware Forum 0 07-03-2007 05:30 PM