DNS Threat Revealed

摘要

Us-cert, the government's cybersecurity arm, last week warned of a serious weakness in the Domain Name System protocol that could be used to send Internet users to malicious sites. In an unusual move that reflects the seriousness of the flaw, news of the vulnerability was delayed for months to give Microsoft, Cisco, Sun, and other software vendors -more than 80 were affected-time to release fixes. Details about the vulnerability and how to exploit it are being deliberately withheld, but Amol Sarwate, manager of vulnerability labs at Qualys, says the issue appears to be that the transaction ID generated in a DNS request-when querying a DNS server to link an IP address with an Internet domain name-is insufficiently random to avoid being guessed by a knowledgeable attacker.