Month
April 2017

7 DNS Security Threats That Can Leave Your System in Ruins

DNS, by virtue of its simplistic design, is open to breach. Businesses have continuously faced threats and attacks by hackers trying steal data or corrupt their servers. To keep your organization safe, www.bluecatnetworks.com offers a variety of services to manage, secure and protect your DNS from third party attacks like the following.

Kaminsky Bug

Source

Discovered by researcher Dan Kaminsky in 2008, the Kaminsky bug was a serious weakness in the DNS systems that could poison the cache provided by the ISPs by compromising the root servers. In one of the rare instances of prevention before attack, the flaw was detected before it could be exploited on a large scale and Kaminsky and his team were successful in plugging it.

Widespread DDoS

DDoS or Distributed Denial of Service Attacks are particularly efficient at scrambling DNS tables and denying service to users. On October 21, 2002, hackers attacked and compromised 9 of the 13 DNS root servers in an unprecedented scale of attack. Added security failed when an even larger attack successfully disrupted services in February 2007.

Conficker

Source

Conficker was a worm that targeted vulnerable Windows devices and generated tens of thousands of domains in order to replicate itself and distribute its command and control centers. It was finally brought to heel by an organized effort by Microsoft, ICANN, law enforcement and other agencies.

Hijack of ICANN’s domains

Source

The global repository for domain names was attacked by a team of hackers going by the name NetDevilz. On visiting icann.org, users were greeted by a message from the attackers. Though the change was reset within 20 minutes, erroneous information had already been propagated through the channels and users continued to see the message for 48 hours.

Security Firm Bankrupted by DDoS

Source

Israeli-American startup Blue Security was the victim of a concentrated DDoS attack by spam networks after its controversial anti-spam software Blue Frog tried to give the spammers a bit of their own medicine. Realizing it was being attacked, the security firm redirected its DNS records to its corporate blog hosted by Six Apart, which in turn, suffered major losses due the volume of attack. Two weeks later, Blue Security was out of business

Massive Cyber Attack takes down multiple sites

Proving that even all these added security is not enough, a massive cyberattack took down multiple websites like Netflix, Twitter, Etsy, Github, Vox, Spotify and Reddit in October 2016. A tweet by WikiLeaks implied that the attack was organized in protest against the manhunt for WikiLeaks founder Juliane Assange.

 

What You Need To Know About The DNS Firewall

DNS: The Connective Tissue Of The Internet

Canadian businesses are typically fairly knowledgeable and savvy when it comes to technology. By necessity, however, most businesspeople do not have intimate knowledge of the behind-the-scenes processes that make the internet work. Hopefully, more Canadian businesspeople will learn about the salutary advantages of using a DNS firewall. To fully explain what you should know about the DNS firewall, it is helpful to start with a quick primer on DNS. Also called the domain name system, DNS is essentially the connective tissue of the internet. A kind of virtual address book, DNS is the fundamental technology that allows your browser to find your favorite websites. To a layperson, using the web is as simple as typing in something like “MyFavoriteWebsite.Com.” On a basic level, however, internet IP addresses look like this: 4.382.43.99. DNS is the system that converts the alphanumeric URL you type into the numeric IP address that truly identifies a remote server in the network.

A New Type Of Firewall That Works

A DNS firewall is a tool that harnesses the power of DNS routing for your benefit. Normally, you would rely on your internet provider to handle all DNS routing. In most respects, ISPs are authoritative institutions that you can trust. However, most ISPs still treat all DNS requests equally and without discrimination. This means that your ISP will not interfere if you accidentally direct your browser to a known malicious site. Neither will the ISP normally take action to stop incoming DNS traffic from suspicious hosts. Hopefully, ISPs will learn how to better balance impartial traffic management with the security needs of clients. You may be able to learn more at the www.bluecatnetworks.com website.

Using a DNS firewall, you can proactively introduce selectivity into the way your system interacts with remote servers. Available as a hardware device or a software solution, the DNS firewall automatically blocks all incoming DNS requests from known bad actors. Just as importantly, the DNS firewall (DNSF) provides you with the tools you need to identify and block intrusions from malicious sites that were previously unidentified.

DNS-Based Hacking: A Growing Threat

Securing a DNSF could represent one of the most important investments you’ll ever make for your business. Because security researchers have closed many of the loopholes that previously abetted hackers, DNS-based attacks are increasingly important components of the hacking toolbox. DNS signalling is one off the most alarming ploys in DNS-based hacking. Put simply, DNS signalling is a kind of false messaging that can allow malicious parties to literally take control of your DNS requests. Hackers can use DNS signalling to direct you to malicious, counterfeit web servers. With a DNSF, you can protect yourself from this and many other related hacker tactics.