Old software weakening Net's backbone, survey says
Many Domain Name System servers are wrongly configured or running out-of-date software, leaving them vulnerable to malicious attacks, according to a study published Monday.
DNS servers, which translate domain names such as "yoursite.com" into IP addresses, underpin the workings of the Internet. In its survey, Internet performance company The Measurement Factory found that the BIND software used for domain-name resolution is out-of-date on a fifth of DNS servers.
DNS servers that run versions of BIND earlier than version 9 are "opening the door" to pharming attacks--a kind of phishing attempt--through DNS cache poisoning, the company said in its report.
DNS cache poisoning involves hacking into DNS servers and replacing the numeric IP addresses of legitimate Web sites with those of malicious sites. Internet users are then redirected to fake Web pages where they may be asked for information such as bank account details or unwittingly have spyware installed on their PCs.