Filed under Hacks
Tagged as attack, DNS
The H has a report that InterNetX’s DNS servers were taken down Wednesday by a severe DDoS attack.
Around 1 PM CET on Wednesday, domains hosted at InterNetX were difficult, if not impossible, to reach. The host has since added technical filters to mitigate the effect of the attacks; the service is now basically back up and running. Sometime today, the firm hopes to make public details of the attack.
Since 2004, InterNetX has been a part of the United Internet Holding. The firm says that it currently hosts some 2.9 million domains in addition to Schlundtech’s domain reselling business. A spokesperson from 1&1 said the problem did not affect other domains hosted by providers within United Internet, such as 1&1 and GMX. InterNetX’s DNS servers were also under a massive DDoS attack at the end of 2008.
Source: The H Online
Filed under Privacy
Tagged as DNS, paypal
Unicode is great because it supports multiple languages simultaneously, bringing international understanding, universal peace, and planetary love. And so is ICANN’s decision to allow domain names that use non-Latin alphabets. Until both combine to steal your credit card numbers.
Or your login name, passwords, address, or whatever other data a phishing site can get from you.
Until now, there was an easy way to test if a site was legit or not: You just look at the browser URL. If it’s not paypal.com or amazon.com or whatever.com, then it’s not those companies’ web sites, no matter how well they clone their layout and graphics.
The problem will come in 2010. That’s when sites’ URLs would start popping in non-Latin alphabets like Cyrillic. And that’s when there will be cases of mistaken identity: Just check the image above, in which the russian word “raural” becomes “paypal.”
Source: Gizmodo
Filed under Hacks
Tagged as attack, DNS
Domain-name service (DNS) provider UltraDNS was targeted with a denial-of-service attack two days before Christmas, leaving some last-minute shoppers reportedly unable to connect to major retailers such as Amazon and Wal-Mart for a brief period.
Around 4:45 pm PT, UltraDNS noticed “an abnormal spike in queries,” which it identified as a denial-of-service (DoS) attack, Allen Goldberg, vice president of corporate communications at Neustar — UltraDNS’s parent company — said in a statement. The attack only affected Web surfers in the Northern California area and lasted less than an hour, the company stated.
The attack caused connectivity issues with Amazon and its Web services, according to media reports.
The attack is the second in as many weeks that targeted a critical piece of the Internet’s infrastructure, the domain name system (DNS). The week before Christmas, Twitter suffered an outage after an attacker with access to the company’s DNS account changed its settings, rerouting visitors to a defacement page.
Source: Security Focus
Filed under Security
Tagged as DNS, DNSSEC
Domain Name Security Extensions (DNSSEC) have been implemented in the registry of the .us top-level Internet domain.
Neustar Inc., which has operated the .us registry since 2001, received permission to apply DNSSEC in October and signed the .us zone earlier this month. The company said it will encourage domain name registrars and registrants to incorporate a digital signature via DNSSEC into their domain records in early 2010.
The .us domain, one of a number of country codes used to identify the location of an entity within its Uniform Resource Locator (URL), joins a growing number of top level domains — including .gov and .org — getting ready to secure the Internet’s Domain Name System by digitally signing DNS requests and responses.
Source: GCN
Filed under Software
Tagged as DNS, google, TOR
A bug in the latest version of the Google Chrome browser could leak the identity of users trying to surf anonymously, developers warn.
The flaw means that domain-name queries are made by a user’s local network even when Chrome is configured to used a third-party proxy. Users typically use proxies to conceal their local IP address in an attempt to browse anonymously. When the feature is set up, domain-name queries are supposed to be funneled through the proxy, rather than being made by a user’s local network.
“This presents a serious risk for the users of the services such as Tor, as their DNS data and the little anonymity they have with Tor is leaked outside and in the clear,” according to an advisory published Monday on the Full-Disclosure mailing list.
Short for the onion router, Tor is a free service that routes internet connections through an unpredictable series of IP addresses to prevent the true source of a user’s connection from being detected. It is used by configuring a browser or other internet-facing application to use an IP address that belongs to the Tor project. Those using Chrome 3.0.195.33, the most recent version of the Google browser, receive no such protection.
Source: The Register
Filed under Networking
Tagged as DNS, google
Google takes another step closer to owning the internet by releasing its public DNS system today. While the service is most likely more reliable and secure than your ISP DNS, the security implications of Google owning even more of your traffic are troubling. It is possible that, combined with adsense and search indexing, that Google could trace virtually all your travels on the internet.
Google DNS
Filed under Networking
Tagged as DNS
VeriSign announced plans on Monday to roll out the DNSSec security standard for the web’s .com and .net Top Level Domain Names (TLDs) by the first quarter of 2011.
Short for Domain Name System Security Extensions Protocol, DNSSec is designed to guard against “man in the middle” and cache poisoning attacks that create a means for hackers to hijack web browsing sessions.
DNSSec adds digital signature to domain name requests, thus making the system more secure. The technology has existed for more than a decade but it was only after Dan Kaminsky discovered a block-buster DNS flaw last year that anybody started paying serious attention to architectural shortcomings that have plagued the net’s domain name system since its very beginning.
More at: The Register
