DNS protection not good enough, says researcher
Dan Kaminsky, the security researcher who first unveiled the DNS vulnerability, has said that systems administrators are not enough to protect users.

Systems administrators are not doing enough to protect against a gaping DNS vulnerability, Dan Kaminsky has warned.
Kaminsky, the security researcher who first unveiled the security flaw earlier this month, explained that 86 per cent of computers were vulnerable on the day of release, but that just over half (52 per cent) had still to protect against the problem by installing software updates.
"Not perfect; not even good enough," said Kaminsky, speaking in a webinar prior to the Black Hat security conference, although he would "take 52 any day of week and twice on Sunday."
Kaminsky discovered the flaw six months before its release, but had kept details quiet while an unprecedented effort involving Microsoft, Sun and Cisco was underway to develop fixes.
The flaw affects the DNS system, which translates web addresses into IP addresses. The flaw can poison DNS records so that users will be redirected to malicious websites, even if they typed the correct address of a legitimate website.
Previous attacks on DNS servers have been documented before, but Kaminsky's approach can speed up attacks and is therefore far more potent.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
-
The IT industry’s shift to circular, low-carbon solutions
Maximize your hardware investment and reach your sustainability goals with HP’s Renew Solutions
-
Lenovo ThinkPad X9 14 Aura Edition review
Reviews This thin and light ultraportable will draw you in with its vibrant screen – but it isn't as powerful as some of its competitors
-
DNS loophole could allow hackers to carry out “nation-state level spying”
News Sensitive data could be accessed from corporate networks using vulnerability
-
What is DMARC and how can it improve your email security?
In-depth Protect your customers and brand rep with this email authentication protocol for domain spoofing
-
Cloudflare and Apple launch privacy-focused DNS protocol
News Oblivious DNS-over-HTTPS safeguards users' browsing habits from third parties
-
What is DNS?
In-depth We explain what DNS is, how it works, and how outages can be avoided
-
D-Link routers under siege from months-long DNS hack
News The attackers are running malicious IPs through a Google Cloud Platform virtual machine
-
SMBs warned over corrupted SOHO router risk
News Team Cymru researchers claim 300,000 routers may have had their DNS settings changed by cyber criminals.
-
Will the FBI close down your online business this March?
In-depth In tackling the DNSChanger botnet, the FBI may take a load of businesses offline. Davey Winder is, unsurprisingly, anxious...
-
DNS Changer botnet smashed in major cyber crime bust
News A botnet that is thought to have earned its controllers $14 million is dismantled.