— For Immediate Release —
CONTACT: Press only:
Sjofn Agustsdottir,
Men & Mice
+354-520-5306 or
mailto:sjofn@menandmice.com
A Serious Threat to the Internet Community:
One in Every Three On-line Organizations Risks Un-Authorized Parties
Gaining Access to Their Outgoing Email, According to Men & Mice
Reykjavik, Iceland, Jan. 6/ — Software developer Men & Mice
discovered, while testing the latest version of DNS Expert, its DNS
(Domain Name Server) analysis tool, that approximately one in every
three on-line organizations is vulnerable to a serious Internet
security problem called DNS spoofing. These organizations run the
risk of un-authorized parties gaining access to their outgoing e-mail
or their employees being directed to Internet sites run by hackers.
Says Cricket Liu, DNS consultant and co-author of the books “DNS &
BIND” and “DNS on Windows NT”: “DNS spoofing is a very real threat to
the integrity of activity on the Internet, whether commercial or
casual. A successful spoofing attack could cause significant damage
to an organization’s reputation, to its customers and correspondents.
It’s almost a wonder that we haven’t seen more such attacks on the
network.”
Most top-level business managers are not aware of the financial and
security risks associated with DNS spoofing. The good news is that
this security problem can easily be diagnosed and solved. Information
on tools to diagnose the problem and some available solutions may be
found at http://www.menandmice.com.
What is DNS spoofing?
DNS spoofing is a term used when a DNS server accepts and uses
incorrect information from a host that has no authority supplying
that information. Spoofing attacks can cause serious security
problems for companies vulnerable to such attacks, for example
causing e-mails to be routed to non-authorized mail servers, or users
to be directed to wrong Internet sites. “To picture the potential
damage,” Cricket Liu points out, “envision visiting your bank’s web
site to transfer funds from one account to another. Unfortunately,
the web site seems to be having problems: After entering your account
information and PIN, you still can’t access your account data. The
web site reports a ‘temporary failure’ and invites you to try again
later. What you don’t realize is that the web site you see is
actually a near-exact replica of your bank’s web site–startlingly
easy to create-and that you’ve just sent your account number and PIN
to hackers in another part of the world. Though you entered the
correct URL, your local name server had been spoofed into believing
that the bank’s domain name corresponded to the address of a web
server run by hackers.”
What can be done?
In order to prevent many sources of Internet attacks, it is necessary
to have the security built into the DNS systems. It is a
misconception that firewalls prevent such attacks. To minimize the
risk of a spoofing attack, every organization or individual
responsible for a domain should first check which type of name server
they are using and consult with its developer whether it is secure
against DNS spoofing or not. It is also important to find out whether
cooperating parties are using spoofable name servers in order to
prevent important incoming email being transferred to un-authorized
parties.
The latest version of DNS Expert (v.1.3) can be used to check the
vulnerability of all types of DNS servers to DNS spoofing and other
DNS problems. Besides, it is convenient to use DNS Expert 1.3 to test
the security status of cooperating parties.
Cricket Liu, at Acme Byte & Wire, has also provided guidelines on how
to solve the spoofing problem for BIND and the Microsoft DNS Server
in his presentation “Securing Your Name Server” which can be found at
http://www.acmebw.com/securing/index.htm. Further information is also
available at http://www.menandmice.com.
About Men & Mice
Men & Mice, headquartered in Reykjavik, Iceland, is a leading
developer of DNS software. The company is committed to the
development of new innovative DNS and Internet related software for
Windows and Mac OS.
