A large number of Domain Name System (DNS) servers are wrongly configured or running out-of-date software, leaving them vulnerable to malicious attacks.
DNS servers translate domain names into IP addresses and help form the backbone of the internet. Web analytics company The Measurement Factory has found that the BIND software, used for domain name resolution, is out-of-date on a fifth of the world’s DNS servers.
The Measurement Factory said that DNS servers running versions of BIND earlier than version 9 are threatened by DNS cache poisoning attacks.
DNS cache poisoning involves hacking into DNS servers and replacing the numeric IP addresses of legitimate websites with those of malicious sites.
Internet users can then be re-directed to fake web pages where they could fall victim to phishing attacks, such as being asked for on-line banking login details from fake bank websites, or having spyware unknowingly installed on their PCs.
The Measurement Factory surveyed 1.3m DNS servers for its report.