26-04-05

DNS from ISP's are holding too long old information

a dns server holds information about which domain has which ip address and to fasten things up they keep a cache which is refreshed every so many minutes, hours or days (Time To Live). It now seems that several ISP's has put that TTL too high to keep their resources under control. The problem is that if a cache is poisioned or there is a domainname hacking (in which someone transfers illegally a domainname ex. apple.com to his own IP Address on which he is hosting a porn, game, phishing or malware server until it is discovered and changed back by the domainname seller) that bad information will stay longer online and can be spreaded through the internet again, as DNS servers refer to each others for updates. this article and discussion is long and technical and a bit chaotic, but quite interestingas anybody having a dns server nowadays should worry about its installations and security - http://ask.slashdot.org/article.pl?sid=05/04/18/198259&tid=95&tid=128&tid=4this is a good report about the media-silence around this kind of dns attacks- http://blogs.washingtonpost.com/securityfix/2005/04/radio_silence_o.html -

13:52 Gepost door technology changes fast not a lot | Permalink | Commentaren (0) |  Facebook |

De commentaren zijn gesloten.