Newswise — In February 2008, computer-security expert Dan Kaminsky stumbled onto a problem with the Domain Name System (DNS), the distributed database of addresses that computers use to navigate the Internet. He determined that a hacker could easily alter addresses stored in name servers, perhaps using this capability to redirect users to fake websites, where valuable information (log-in credentials, credit card numbers, and so forth) could be harvested. The exploit takes advantage of certain quirks in the way DNS software stores, or caches, Internet Protocol addresses. It also overcomes what in the past has thwarted hackers intent on doing this kind of mischief: the need to wait days to try again if their initial attempt fails. Although the strategy Kaminsky envisioned requires multiple trials for the attacker to guess a key number, on average it takes only 10 seconds to do so and successfully "poison the cache" of a targeted name server.

Kaminsky worked with other security professionals and industry partners to develop countermeasures, which have now been widely put in place. Although the software fix makes such cache poisoning much more difficult to carry out, this form of attack remains possible. In the future, secure extensions to the DNS may fully solve the problem.