Half of the web's domain name servers are wrongly
configured, leaving companies and large sections of the internet
infrastructure open to attack.
Infoblox, a developer of security appliances, and The
Measurement Factory, a performance testing company, have just
released their ‘2006 DNS Report Card’.
DNS servers map domain names into IP addresses, directing users’
internet inquiries to the appropriate location.
Should an organisation’s DNS systems fail, all internet
functions, including e-mail, web access, e-commerce and extranets,
become unavailable.
The DNS survey was based on a scanned sample of systems
consisting of almost 80 million DNS devices, or 5% of the main IP
version 4-based devices being used on the internet.
The survey found that 50% of DNS servers allow recursive name
services – a form of name resolution that often requires a name
server to relay requests to other name servers.
This leaves many networks vulnerable to pharming attacks and
enables their servers to be used in DNS amplification attacks that
can take down important DNS infrastructure, said the two
companies.
In addition, more than 29% of DNS servers surveyed allow zone
transfers in response to arbitrary queries, enabling duplication of
an entire segment of an organisation’s DNS data from one DNS server
to another, and leaving them easy targets for denial of service
attacks.
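An added example, not taken from the report or from either company: the two conditions the survey counted, open recursion and unrestricted zone transfers, shown as server configuration beside a corrected version. It assumes BIND 9 named.conf syntax; the ACL name, key name, addresses and zone name are placeholders.

```conf
// Constructed named.conf fragments. The "weak" and "corrected" options
// blocks are alternatives; a real file contains only one options block.

// --- Weak: both conditions the survey counted ---
options {
    recursion yes;
    allow-recursion { any; };     // any host on the internet gets recursive service
    allow-transfer  { any; };     // any host may pull a full copy of every zone
};

// --- Corrected ---
acl "internal" {                  // hypothetical ACL name
    127.0.0.1;
    192.0.2.0/24;                 // documentation range standing in for the internal network
};

key "xfer-key" {                  // hypothetical TSIG key shared with the secondary server
    algorithm hmac-sha256;
    secret "REPLACE_WITH_GENERATED_SECRET";   // placeholder, not a valid secret
};

options {
    recursion yes;
    allow-recursion   { internal; };   // recursive service for internal clients only
    allow-query-cache { internal; };   // cached answers are not served to outsiders
    allow-transfer    { none; };       // default for all zones: no transfers
};

zone "example.com" {
    type master;                       // "primary" in newer BIND releases
    file "example.com.zone";
    allow-transfer { key "xfer-key"; };   // only the holder of the key may transfer
};
```

An authoritative-only server that never needs to resolve names for clients can go further and set `recursion no;`.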
Security researcher Dan Kaminsky said, “People tend to take DNS
for granted, but if it goes down so does your network. As this data
shows, there are organisations that should take urgent action to
bolster their DNS infrastructure.”
More information: www.infoblox.com, www.dnsstuff.com.