Critical internet fault patched
9th Jul 2008 | 11:33
DNS flaw could have brought web to its knees
A security flaw in the way computers looks up web addresses could have brought the internet to its knees, according to researchers, who have worked with major companies to patch the problem.
A DNS flaw involving the way in which someone could effectively re-route a request for a webpage to a malware 'trap' site was spotted by IOActive's Dan Kaminsky – who took the problem to major players like Microsoft, Sun and Cisco.
The companies collaborated on a solution and the latest software updates should patch the problem, according to the US Computer Emergency Readiness Team.
"An attacker with the ability to conduct a successful cache poisoning attack can cause a nameserver's clients to contact the incorrect, and possibly malicious, hosts for particular services," CERT said.
"Consequently, web traffic, email, and other important network data can be redirected to systems under the attacker's control."
Kaminsky told AFP that the problem was on a scale not seen in the past.
"People should be concerned but they should not be panicking," Kaminsky said. "We have bought you as much time as possible to test and apply the patch. Something of this scale has not happened before."