News

DNS attacks on the up

Antony Savvas

The SANS Institute's Internet Storm Centre (ISC) has said that domain name system attacks are becoming more widespread since they were first reported last month.

Domain name system (DNS) poisoning attacks affect enterprise servers and cause users to be directed to malicious websites when they try to access legitimate ones.

The exploit this by directing the user to a different web IP address even though the correct domain has been typed in by the user.

Once the user is directed to a malicious site they could unwittingly download malware onto their machine and the corporate network, which could include viruses, adware, spyware or key-logging programs that can be remotely controlled by hackers.

The ISC says such attacks are spreading partly as a result of the default settings on older Windows-based servers.

Servers running NT 4.0 or versions of Windows 2000 prior to Service Pack 3 are particularly vulnerable as they don’t automatically protect companies against DNS Poisoning.

Symantec recently had to release a security patch to stop its older security appliances from letting such attacks through.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy