A large number of Domain Name System (DNS) servers are
wrongly configured or running out-of-date software, leaving them
vulnerable to malicious attacks.
DNS servers translate domain names into IP addresses and help
form the backbone of the internet. Web analytics company The
Measurement Factory has found that the BIND software, used for
domain name resolution, is out-of-date on a fifth of the world’s
DNS servers.
The Measurement Factory said that DNS servers running versions
of BIND earlier than version 9 are threatened by DNS cache
poisoning attacks.
DNS cache poisoning involves hacking into DNS servers and
replacing the numeric IP addresses of legitimate websites with
those of malicious sites.
Internet users can then be re-directed to fake web pages where
they could fall victim to phishing attacks, such as being asked for
on-line banking login details from fake bank websites, or having
spyware unknowingly installed on their PCs.
The Measurement Factory surveyed 1.3m DNS servers for its
report.