Advertisement
Promo

Security threats Toolkit

Half of DNS servers vulnerable to attack

Colin Barker ZDNet.co.uk

Published: 20 Nov 2007 13:37 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

The security of DNS continues to be an issue for network administrators, despite the availability of more secure DNS servers such as BIND 9, according to a survey released on Monday by network appliance company, Infoblox.

According to the survey, DNS (Domain Name System)  infrastructure is modernising and coalescing around the most recent versions of BIND — a type of DNS server software. However, a problem Infoblox noted was that over 50 percent of DNS servers still allow recursion and zone transfers, "indicating that the global DNS system is as vulnerable as ever". Recursion can leave DNS systems vulnerable to DNS cache poisoning and amplification attacks that can "bring down major networks", said Infoblox.

The survey, conducted over the past three years, found the DNS system is growing overall, which is an indicator of internet growth in general.

Homebrew blog

Homebrew Blog
Tell us about your home tech and you could win a car

Blog about your pet project for a chance to win a Toyota Prius

Read this+

At the same time, the use of BIND 9 DNS server code is increasing more quickly than other varieties of DNS server code. Infoblox considers BIND 9 more secure than older versions of BIND, as it "has a substantially better security track record ", according to Cricket Liu, Infoblox vice president of architecture.

Meanwhile, Microsoft DNS Server, which Infoblox considers a less secure type of DNS server code, has charted a continual rapid decline for three years. "Microsoft DNS Server's [market] share continued its dramatic decline, from about 4.6 percent to 2.7 percent," wrote Liu. "Perhaps this is because administrators have become warier of exposing the Microsoft DNS Server and Windows operating systems directly to the internet."

Microsoft DNS Server market share fell from 10 percent in 2005, to 4.6 percent in 2006, then to 2.7 percent in 2007, according to the survey. Infoblox said that its decreased use was a positive step.

The survey was based on a sample that included five percent of the IPv4 address space — nearly 80 million addresses.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
6 out of 8 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:





Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Beware of keeping your head in the clo...

Information security professionals can look forward to a deepening appreciation for their skills as security continues to be recognised as an essential element for doing business in... More

1 comment

Civil liberties groups attack file-sha...

Civil liberties and digital rights organisations have strongly criticised Lord Mandelson's Digital Economy Bill. Liberty said in a position paper on Tuesday that the bill, part of... More

Post a comment


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters