DNS servers across the Internet running BIND are not up to date with security patches and software updates. As a result, a significant fraction of the Internet's DNS servers is vulnerable to compromise, subversion, denial of service, and general misuse. Considering that DNS is the lynchpin of the corporate enterprise, the impact of these vulnerabilities is significant and a successful attack could bring down any online business.
Abstract
This Research Report presents an overview of the current security posture of DNS servers found across the Internet. The report also covers the following:- A summary of some of the finer points of the DNS protocol
- A discussion of why DNS is such a key component in the infrastructure of the Internet
- A summary of the BIND software, the most widely used DNS implementation available
- A presentation of empirical data that underscores the past and present state of security in BIND servers, including correlating the meteoric increase in size of the code-base with the number of publicly-reported vulnerabilities
Introduction
The Domain Name System (DNS) is the protocol that makes up the Internet's distributed name and address database. Originally implemented to make the Internet user-friendly, DNS quickly became the lynchpin in the intricate engine under the hood of the Internet. To understand why, we must first understand a bit about how the Internet is put together at the network level.The link for this article located at Mike Schiffman is no longer available.
