Survey finds companies still vulnerable to DNS outage

Eight months after a faulty router configuration led to a 24-hour blackout of many Microsoft Web sites, a quarter of the top 1000...

Eight months after a faulty router configuration led to a 24-hour blackout of many Microsoft Web sites, a quarter of the top 1000 US company Web sites still have the same vulnerable Domain Name System (DNS) network setup that led to the Microsoft outage, according to a survey conducted by DNS software maker Men & Mice.

The chairman of Men & Mice, Jon Adalsteinsson, said that the much-publicised attack helped increase network administrators' awareness of DNS vulnerabilities, but many large enterprises are still susceptible.

DNS servers translate domain names into numeric IP addresses. When those servers go down, users who type Web addresses such as and can't connect to the intended servers.

Redundancy is key to protecting against outages. If a company spreads its DNS servers out across several network segments, it is better protected against failures.

Shortly after the Microsoft breakdown, Men & Mice surveyed the Web site networks of the top 1000 US companies and found that 38% housed all their DNS servers on the same network. That number fell to 25% when the company conducted another survey in May, Adalsteinsson said.

A survey conducted after the 11 September terrorist attacks showed that the situation had not improved. Some 250 major companies' Web sites are still at risk of virtually shutting down if the single network segment housing their DNS servers fails. Adalsteinsson declined to name which companies were vulnerable, but said the group includes some household names.

"The IT world has not learned from the Microsoft disaster," Adalsteinsson said. "We have corporations spending lots of money on putting redundancy and disaster recovery [tools] in place for their Web severs, but they don't seem to realise that without a properly redundant DNS setup, all that doesn't come into play."

Fixing the problem isn't expensive, according to Adalsteinsson. "It has nothing to do with cost. The problem is simply lack of awareness," he said. "The second problem is lack of know-how. Employees are not trained well enough on DNS."
This Content Component encountered an error

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.