Akamai Attack Reveals Increased Sophistication

Discussion in 'other security issues & news' started by the mul, Jun 23, 2004.

Thread Status:
Not open for further replies.
  1. the mul

    the mul Registered Member

    Jul 31, 2003
    Akamai Attack Reveals Increased Sophistication
    - http://www.computerworld.com/printthis/200...4,93977,00.html
    JUNE 21, 2004
    "An attack last week against Akamai Technologies Inc. demonstrated the disruption of key Web site activity that a well-placed assault on the Internet's Domain Name System can cause...The question of what went wrong at Akamai is important because of the nature of the attack, security experts said. The DNS is a critical component of the Internet because it maps Web names to IP addresses. The fact that the attackers were successful in finding these systems and then compromising them at a company that specializes in protecting the DNS infrastructure is another key concern...Some security experts, however, said a DDoS attack is unlikely to have been the cause of the problem simply because of the amount of bandwidth an attacker would have needed to overwhelm an operation such as Akamai's..."DNS is an attractive target because so many things rely on it, from the Web to e-mail to VoIP call routing," said Paul Mockapetris, inventor of the DNS and chairman of IP address management vendor Nominum Inc. in Redwood City, Calif..."

    Other DNS problems:

    - http://secunia.com/advisories/11888/

    Symantec Gateway Security Products DNS Cache Poisoning Vulnerability
    - http://www.sarc.com/avcenter/security/Cont...2004.06.21.html
    SYM04-010 June 21, 2004
    "...Symantec resolved a DNS cache poisoning vulnerability that was reported to impact the Symantec Gateway Security products...Under specific conditions and configurations, incorrect or false DNS records could be inserted into the DNS cache tables. It would then be possible that legitimate DNS requests would return incorrect responses...Symantec released a hotfix to address this issue that provides additional authentication and validation checks for each response directed to DNSd. Symantec recommends customers apply the appropriate hotfix for their affected product versions immediately to protect against this type of threat. Product specific hotfixes are available via the Symantec Enterprise Support site http://www.symantec.com/techsupp ..."

    The Mul
Thread Status:
Not open for further replies.