Black Hat security conference highlights DNS Flaw

It seems as though 85 percent of Fortune 500 companies have had to patch their networks, this fix was a direct result of a security flaw. The flaw allowed cyber criminals to redirect visitors to counterfeit or malicious Web sites. This patch still leaves Internet users vulnerable to a large number of infrastructure providers who have yet to fix this security risk.

This data has been highlighted at the Black Hat security conference in Las Vegas, it was Dan Kaminsky, the Seattle based IOActive researcher who first discovered the risk. Kaminsky said that bad guys would be able to corrupt records that they could find in the domain name system (DNS). They will then be able to fill them in with inaccurate information.

It was on July 8 that a number of companies that included Microsoft, Cisco, Sun Microsystems along with a dozen others had to ship software updates to fix this fault in the DNS design.

DNS is the communication standard, it acts as what could only be described as a phonebook for the Internet.

Kaminsky said that while some 120 million which is about 42 percent of broadband users are now protected by this patch, just half of the DNS servers are now protected by this patch. In his time on the floor at the Black Hat conference Kaminsky described the many ways that a bad guy was able to steal your personal and financial data from the Internet.

For a full report on this visit: The Washington Post