Analyst Firm Publishes New White Paper Detailing Top DNS Vulnerabilities and How Genuinely Secure DNS Software Can Overcome Them
July 26, 2007 (PRLEAP.COM) Technology NewsA new white paper issued by Hurwitz & Associates entitled, “The 5 Reasons To Worry About Your DNS – Why DNS Technology is Vulnerable and How Genuinely Secure DNS Software Fixes The Problem” is now available.
Researched and authored by two partners at analyst firm Hurwitz & Associates, the in-depth paper identifies and explains five key vulnerabilities that threaten the integrity of today’s Domain Name System (DNS) – the backbone of the Internet. It then offers a practical, proactive approach that businesses and organizations can use to protect themselves from these dangerous threats.
Specific details include:
• Analyst white paper entitled, “The 5 Reasons To Worry About Your DNS – Why DNS Technology is Vulnerable and How Genuinely Secure DNS Software Fixes The Problem”
• Commissioned by Secure64 Software Corporation
Robin Bloor, Fran Howarth
Hurwitz & Associates (Consulting, Research and Analyst Firm)
o Content Summary:
There are five main reasons Internet-dependent businesses should be concerned about the Internet’s Domain Name System and their own DNS servers, which are a small part of that global system. The causes for concern identified in the paper are:
1. Denial of Service (DoS) Attacks. DoS attacks have now become commonplace and are regularly mounted against organizations of every kind to extort money. Their frequency has escalated alarmingly in the last few years.
2. Web Site Defacement. Web site defacement is often achieved through DNS cache poisoning or direct compromise of a DNS server. The frequency of Web site defacement is also growing.
3. Phishing and Pharming. Phishing scams rely on gaining a user’s trust, but also involve DNS compromise. Pharming involves attacks on DNS servers either through cache poisoning or illicit access in order to fool web users into providing personal financial information. Both of these activities are at epidemic levels.
4. DNS Server Compromise. This involves taking control of a DNS server to carry out illicit activities of any variety, from spam and virus distribution to the assembly of a botnet (network of slave computers). DNS server compromise is common.
5. DNS Performance. Performance is a concern with many DNS servers because they are easily overwhelmed by traffic to the extent that the rise in popularity of a Web site can have a similar effect to a DoS attack and make the Web site unavailable.
The white paper explains these five issues in depth, providing technical details and background information. It then goes on to describe Genuinely Secure DNS server technology, which is a dramatically different approach from hardening software to minimize exposure to insecurities.
The white paper is available for free on Secure64’s Web site at http://www.secure64.com