Top companies risk .com status
Ongoing research has found that a quarter of Fortune 1000 companies are running servers with vulnerable DNS setups. This means that around 250 multinational corporates are at risk of losing their websites.
Ongoing research has found that a quarter of Fortune 1000 companies are running servers with vulnerable DNS setups. This means that around 250 multinational corporates are at risk of losing their websites.
Research by DNS software developer Men & MiceAnd found that almost 80% of .com websites could be compromised by hackers.
And it’s not just hackers or worms that are the worry: there is no protection from natural outages either. If the single network segment housing their DNS servers fails, the site goes down.
Despite high profile attacks followed by higher profile warnings and advisories about configuration and flaws in the Bind software, a majority of websites still suffer from DNS bugbears.
Worryingly, the results of the latest Domain Health Survey, from August, showed that 79%% of 5000 randomly selected internet zones had incorrect setups.
Men & Mice found that a majority of errors were caused by administrators misconfiguring DNS zone setups, causing ‘lame delegations’.
Despite leaving security holes in the system, lame delegations can cause potentially serious problems for web visitors and for delivery of mail.
If only one of the servers to which the zone is delegated has authoritative data for the zone, then if that server should become unavailable, the zone is effectively not locatable from the net. It doesn’t matter if there are other servers that have authoritative data for the zone, because they are not listed in the delegation.
The report noted that although 36%of zones block zone transfer, ‘this has no effect on the security of the zone data itself, and only provides security by obscurity,’ said Men & Mice.
A high number of vulnerable sites are also those guilty of not applying patches to fix the serious vulnerabilities found in Bind software back in January.
Men & Mice said these unpatched servers could ‘allow hackers to steal credit card numbers, hijack websites or redirect email traffic.’
Links
E-business threatened by cybercrime