Friday, September 12, 2008

More on DNS Poisoning

In July I wrote a couple of blogs about the giant security flaw found in DNS servers. As a reminder, DNS is the Domain Name System: the service your computer asks, before it fetches any page, to turn the name you typed into the numeric address it actually connects to. It's like a phone book for Web sites, and it is the very first stop for nearly everything you do online. That makes it a crucial part of your Internet service.

Since my first blogs, I've learned a bit more about how this DNS security flaw works. While I won't go into excruciatingly boring detail, I will give you the gist: an attacker can trick a DNS server into accepting a false answer, so that when you request a certain site you are taken to a phony site pretending to be the one you want. The false answer sits in the server's memory (its cache) and is handed out to everyone who asks, which is why it is called DNS cache poisoning.

A hacker, in around 15 seconds, can attack a particular unpatched DNS server and change a Web site's pointer so it goes to a phony Web site. The vast majority of names that server looks up are not affected; only the one or few the attacker targets are changed, so the bad entry sits unnoticed among thousands of good ones. And, naturally, the targets are chosen with money or identity theft in mind: banks and other sites where a password is worth stealing.

Let's say a hacker attacks the DNS server of your local ISP. In less than a minute, he changes the pointer for, let's say, your bank, so it points to a fake Web site he has already built. You type in your bank's Web address, you are taken to this fake site, and you put in your name and password. You have just had your identity and bank account hijacked, and nothing on your screen told you so: the address bar shows exactly the name you typed. The one thing that can give it away is a browser certificate warning, because the hacker cannot obtain the bank's real HTTPS certificate, so never click past one of those.

Your ISP is unlikely to notice, because the attack is made of ordinary-looking DNS traffic: the hacker triggers lookups and floods the server with forged replies, and nothing in a normal log flags that as anything but Web site lookups. Spotting it takes deliberate monitoring, such as watching for bursts of replies that don't match any question the server actually asked.

The good news is that there is a fix for this DNS poisoning flaw: a patch that makes the server's questions much harder to forge an answer to (it sends each question from a random port instead of always the same one, on top of the random ID it already used). The bad news is that, as of this writing, the majority of folks running DNS servers (including some of the biggest ISPs, like Comcast) have not applied the patch.
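To make the race in the paragraphs above concrete, here is a toy model of it; this is an added example written for this page, not code from the original post or from any DNS software. It sends no packets: the victim server, the attacker's forged replies and the server's cache are all simulated in memory. The fixed port value (53), the 1024-65535 range for a patched server, the number of forgeries the attacker gets in before the real answer arrives, and the `bank.example` names are all assumptions chosen for illustration.

```python
"""Toy model of the 2008 DNS cache-poisoning race and of the source-port fix.

Added example; not code from the original post.  Nothing here touches the network:
the resolver, the attacker and the cache are simulated so the arithmetic can be seen.
"""
import random

TXID_SPACE = 65536                  # DNS transaction IDs are 16 bits
RANDOM_PORT_RANGE = (1024, 65536)   # assumed ephemeral port range of a patched resolver
FIXED_PORT = 53                     # assumed fixed source port of an unpatched resolver


def make_query(rng, randomize_port):
    """The (txid, source port) pair the victim resolver puts on its outgoing question.

    A reply is accepted only if both match, so this pair is all the attacker must guess.
    """
    txid = rng.randrange(TXID_SPACE)
    port = rng.randrange(*RANDOM_PORT_RANGE) if randomize_port else FIXED_PORT
    return txid, port


def forge_replies(rng, count):
    """Forged replies the attacker gets in before the genuine answer arrives.

    The attacker is modelled as assuming the pre-patch fixed port, so each forgery is a
    distinct txid guess at that port; count == TXID_SPACE sweeps every possible txid.
    """
    return {(txid, FIXED_PORT) for txid in rng.sample(range(TXID_SPACE), count)}


def run_attack(seed, attempts, forgeries_per_attempt, randomize_port, unique_names):
    """Race the resolver up to `attempts` times.

    Returns (winning_attempt_or_None, queries_actually_raced).  With unique_names=False
    the attacker keeps asking for the same name, so once the genuine answer is cached the
    resolver sends no further question and there is nothing left to race (the limitation
    of older attacks).  Kaminsky's trick (unique_names=True) asks for a fresh, never-cached
    name every time, and each forged reply carries a bogus record for the whole zone.
    """
    rng = random.Random(seed)
    cache = {}      # name -> who answered; TTLs ignored (nothing expires mid-attack)
    raced = 0
    for attempt in range(1, attempts + 1):
        name = f"a{attempt}.bank.example" if unique_names else "www.bank.example"
        if name in cache:
            continue    # answered from cache: no question leaves the resolver
        raced += 1
        target = make_query(rng, randomize_port)
        if target in forge_replies(rng, forgeries_per_attempt):
            cache["bank.example NS"] = "attacker"   # zone delegation now points at attacker
            return attempt, raced
        cache[name] = "genuine"
    return None, raced


def poison_success_probability(forgeries_per_attempt, attempts, port_choices=1):
    """Closed form for the race: P(at least one attempt lands a matching forgery).

    Each forgery is a distinct guess out of TXID_SPACE * port_choices possibilities.
    port_choices=1 is the unpatched server; about 64512 (ports 1024-65535) after the patch.
    """
    p_one = min(1.0, forgeries_per_attempt / (TXID_SPACE * port_choices))
    return 1.0 - (1.0 - p_one) ** attempts


if __name__ == "__main__":
    patched_ports = RANDOM_PORT_RANGE[1] - RANDOM_PORT_RANGE[0]
    print("unpatched, 1000 attempts x 100 forgeries:",
          round(poison_success_probability(100, 1000), 3))
    print("patched,   1000 attempts x 100 forgeries:",
          poison_success_probability(100, 1000, port_choices=patched_ports))
    print("full txid sweep vs fixed port:", run_attack(2008, 1, TXID_SPACE, False, True))
    print("same sweep vs random port:   ", run_attack(2008, 1, TXID_SPACE, True, True))
```

Two things fall out of the numbers. A hundred forgeries per try against a fixed port wins in well under a thousand tries, which at a few tries per second is the "seconds" the post talks about; the same effort against a randomized port has odds of a few in a hundred thousand, because the attacker now has to guess roughly 2^32 combinations instead of 2^16. The `unique_names` switch shows why the 2008 attack was so much worse than earlier poisoning attempts: the old attack stalls after one try until the cached answer expires, whereas a fresh name per try keeps the resolver asking.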

If you want to check whether your ISP has fixed its DNS server, try the port-randomness test at DNS-OARC (DNS Operations, Analysis, and Research Center), recommended by CNet, or the test on the DoxPara Web site (Dan Kaminsky, who found the flaw). If your test comes up bad, go straight to the OpenDNS Web site and follow its easy instructions for changing your DNS server from your ISP's to OpenDNS, then run the test again to confirm the new server passes. It is worth it.
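For anyone who runs a resolver and wants to see what those online tests are judging, here is an offline version of the same check; it is an added example for this page, not code from the post, DNS-OARC or DoxPara. The online tests watch a resolver's questions arrive at their own servers and report how spread out the source ports are. This script does the same from tcpdump-style lines captured on the resolver's outbound side (for example with `tcpdump -n udp and dst port 53`); the two captures below are constructed samples, and the 192.0.2.x / 198.51.100.x addresses and port values in them are made up.

```python
"""Offline 'is my resolver randomizing its source port?' check.

Added example; not from the original post or from the DNS-OARC / DoxPara tests.
Input is tcpdump -n output for the resolver's outbound queries (constructed samples below).
"""
import re

# tcpdump -n prints "IP <src>.<sport> > <dst>.53: <txid>[+] <type>? <name>. (<len>)"
QUERY_LINE = re.compile(r"IP \S+\.(?P<sport>\d+) > \S+\.53: (?P<txid>\d+)\+? [A-Z]+\? ")

# Constructed sample: an unpatched resolver reusing one port and counting txids up.
POOR_CAPTURE = """\
12:00:01.000100 IP 192.0.2.53.32768 > 198.51.100.1.53: 41200+ A? a1.bank.example. (33)
12:00:01.004200 IP 192.0.2.53.32768 > 198.51.100.1.53: 41201+ A? a2.bank.example. (33)
12:00:01.008300 IP 192.0.2.53.32768 > 198.51.100.1.53: 41202+ A? a3.bank.example. (33)
12:00:01.012400 IP 192.0.2.53.32768 > 198.51.100.1.53: 41203+ A? a4.bank.example. (33)
"""

# Constructed sample: a patched resolver, port and txid both unpredictable.
GOOD_CAPTURE = """\
12:00:01.000100 IP 192.0.2.53.51734 > 198.51.100.1.53: 9031+ A? a1.bank.example. (33)
12:00:01.004200 IP 192.0.2.53.2209 > 198.51.100.1.53: 61877+ A? a2.bank.example. (33)
12:00:01.008300 IP 192.0.2.53.44018 > 198.51.100.1.53: 3322+ A? a3.bank.example. (33)
12:00:01.012400 IP 192.0.2.53.18560 > 198.51.100.1.53: 27455+ A? a4.bank.example. (33)
"""


def parse_queries(capture):
    """Return [(source_port, txid), ...] for each outbound query line; other lines are skipped."""
    out = []
    for line in capture.splitlines():
        m = QUERY_LINE.search(line)
        if m:
            out.append((int(m.group("sport")), int(m.group("txid"))))
    return out


def is_sequential(values):
    """True when the values step by one constant non-zero amount (an incrementing counter)."""
    if len(values) < 2:
        return False
    steps = {b - a for a, b in zip(values, values[1:])}
    return len(steps) == 1 and steps != {0}


def assess(capture):
    """Grade the capture the way the online tests do: POOR or GOOD, plus the reasons."""
    samples = parse_queries(capture)
    if len(samples) < 2:
        raise ValueError("need at least two outbound queries to judge")
    ports = [p for p, _ in samples]
    txids = [t for _, t in samples]
    problems = []
    if len(set(ports)) == 1:
        problems.append("fixed source port: only the 16-bit txid protects each query")
    elif is_sequential(ports):
        problems.append("sequential source ports: the next port is predictable")
    if is_sequential(txids):
        problems.append("sequential transaction IDs: the next txid is predictable")
    return {
        "queries": len(samples),
        "distinct_ports": len(set(ports)),
        "distinct_txids": len(set(txids)),
        "verdict": "POOR" if problems else "GOOD",
        "problems": problems,
    }


if __name__ == "__main__":
    for label, capture in (("unpatched", POOR_CAPTURE), ("patched", GOOD_CAPTURE)):
        print(label, assess(capture))
```

Four queries are enough to show the idea but not to trust a verdict; capture a few dozen questions before concluding a resolver is fine, since a server that picks from a tiny pool of ports can look random over a handful of lines. Note also that the check is one-sided: a resolver sitting behind a NAT device that rewrites source ports can look POOR here even after it is patched, which is exactly why the online tests measure what the outside world sees rather than what the server thinks it sent.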

I know I am repeating myself here from my previous posts on the DNS security flaw, but I cannot stress enough how important it is to follow these recommendations.
