search.internet.com

Become a Marketplace Partner internet.commerce Be a Commerce Partner Linux Today Enterprise Linux Today Apache Today JustLinux.com Linux Planet PHPBuilder All Linux Devices Technology Jobs LinuxToday Newsletters Subscribe News Subscribe PR Subscribe Security internet.com IT Developer Internet News Small Business Personal Technology International Search internet.com Advertise Corporate Info Newsletters Tech Jobs E-mail Offers

Current Newswire: Share iSCSI Volumes With Linux Clients via ZFS AMD Video BIOS Disassembler Released Building A Linux Computer: Part 5: Finishing Touches Open Source, Less Labor, More Love 5 GIMP Tricks Everyone Should Know! CLI for fun: du This is Why I Love Linux Boxee now open to all Ubuntu users A New, Easy To Use Disk Formatter For GNOME Help On The Way: Five Great Linux Support Sites Unix/Red Hat Systems Adminsitrator The Computer Merchant, Ltd US-PA-Lansdale Post A Job | Post A Resume IETF: Should We Ignore the Kaminsky Bug? Nov 21, 2008, 17 :33 UTC (0 Talkback[s]) (1620 reads) (Other stories by Carolyn Duffy Marsan) "In July, security researcher Dan Kaminsky discovered a DNS bug that allows for cache poisoning attacks, where a hacker redirects traffic from a legitimate Web site to a fake one without the user knowing. With DNSSEC, the IETF already has a solution to the Kaminsky problem and other known DNS vulnerabilities. However, DNSSEC hasn't been widely deployed, although it has been under development for more than a decade. "DNSSEC prevents hackers from hijacking Web traffic and redirecting it to bogus sites. The Internet standard prevents spoofing attacks by allowing Web sites to verify their domain names and corresponding IP addresses using digital signatures and public-key encryption. "The problem is that DNSSEC prevents Kaminsky attacks only when it is fully deployed across the Internet -- from the DNS root zone at the top of the DNS heirarchy down to individual top-level domains, such as .com and .net. Until then, Web sites remain vulnerable to Kaminsky-style attacks." Complete Story Related Stories: Nominum Solves Kaminsky Attack(Aug 27, 2008) Where Are All the Dangerous DNS Exploits? Nowhere and Everywhere(Aug 08, 2008) How To Patch BIND9 Against DNS Cache Poisoning (Debian/Fedora/CentOS)(Jul 29, 2008) DNS Patch Causes BIND Blunder(Jul 29, 2008) Lesson From the DNS Bug: Patching Isn't Enough(Jul 25, 2008) Researcher Spills Beans on DNS Flaw Specs(Jul 23, 2008) Preventing DNS Poisoning in Linux(Jul 12, 2008) No talkbacks posted.   Home | Search Talkbacks | Customize View    Top of Page   Enter your comments below: * Your Name: * Your Email Address: * Subject: CC: [will also send this talkback to an E-Mail address] * Comments: Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content. Fields marked with * are required!

All times are recorded in UTC. Linux is a trademark of Linus Torvalds. Powered by Linux, Apache and PHP Search: Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia Jupitermedia Corporate Info Legal Notices, Licensing, Reprints, Permissions, Privacy Policy. Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers Solutions Whitepapers and eBooks Avaya Article: Developing Speech Grammars that Rock, Part 2: Grammar Tuning Microsoft Partner Portal: Hyper-V Vaults Microsoft into Virtualization Race Small Business Solution Exchange: The Pros and Cons of Outsourcing Enterprise Emails Avaya Article: JSR 289: SIP Servlet 1.1 Provides Significant Benefits for SIP Application Developers   Microsoft Article: Build and Run Virtual Machines with Hyper-V Server 2008 Internet.com eBook: Real Life Rails Internet.com eBook: Best Practices for Developing a Web Site MORE WHITEPAPERS, EBOOKS, AND ARTICLES Webcasts HP Webinar: Virtualization for Business Critical SAP on SQL Server Microsoft Partner Portal Video: Microsoft Gold Certified Partners Build Successful Practices   Rackspace Hosting Center: Customer Videos MORE WEBCASTS, PODCASTS, AND VIDEOS Downloads and eKits IdeaBlade Download: DevForce EF--Developing for LINQ and the Entity Framework Microsoft Download: Silverlight 2 SDK 30-Day Trial: SPAMfighter Exchange Module Iron Speed Designer Application Generator   Microsoft Download: Silverlight 2 Developer Runtime (Windows) IdeaBlade Download: .NET Programming with DevForce Classic MORE DOWNLOADS, EKITS, AND FREE TRIALS Tutorials and Demos Online Demo: IBM Cognos 8 Business Intelligence Reporting   MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES