Discover Server Security News
DNSSEC: Security for Essential Network Services
Five years later, the security issues have become much more visible -- and problematic. On October 21, 2002, in an attempt to bring down the Internet, a group of hackers from South Korea and the U.S. flooded the thirteen domain name root servers using a common DDoS (Distributed Denial of Service) attack. Seven of the thirteen servers completely failed to respond to legitimate DNS requests, and two failed intermittently. And just last month, another DNS spoofing attack rerouted traffic intended for the Al Jazeera website to an American pro-Iraqi war site instead.
Fortunately, in all cases, the top-level server administrators were able to successfully counter the attacks, but all are in agreement that they might not be so lucky next time. Clearly the DNS infrastructure has major unaddressed vulnerabilities. What is the Internet community doing to improve DNS security? Fortunately, they're not sitting around idly, as the IETF (Internet Engineering Task Force) is drafting a new standard, DNSSEC (DNS Security Extensions), to combat the threats by providing end-to-end authenticity and integrity.
The link for this article located at CrossNodes is no longer available.