Comments on: Number of Rogue DNS Servers Increasing http://cubist.cs.washington.edu/Security/2008/02/15/number-of-rogue-dns-servers-increasing/ Sun, 12 Oct 2008 20:01:15 +0000 http://wordpress.org/?v=2.6.2 By: Robert http://cubist.cs.washington.edu/Security/2008/02/15/number-of-rogue-dns-servers-increasing/#comment-1081 Robert Sat, 16 Feb 2008 07:22:50 +0000 http://cubist.cs.washington.edu/Security/2008/02/15/number-of-rogue-dns-servers-increasing/#comment-1081 There are many interesting DNS attacks that can be utilized by adversaries. Many companies fail to realize the importance of a properly secured DNS system. Since a lot of companies have their own DNS servers that serve their clients requests, an improperly secured system can allow an adversary to create a new root zone (.) on their DNS servers and then create nested zones like com, net, etc. Through this they can spoof addresses for every client behind that DNS server or simply just perform a DoS on client lookups. Adversaries can also request zone transfers from improperly secured servers and learn a lot about the internal setup of a corporate network including server names and IP addresses. It is important for ISPs and companies to secure their DNS systems because although DNS serves a simple purpose, it can be an easy target for adversaries. Simple solutions like secured zone transfers and split DNS configurations are easy to implement and can be very effective against stopping these kinds of attacks. There are many interesting DNS attacks that can be utilized by adversaries. Many companies fail to realize the importance of a properly secured DNS system. Since a lot of companies have their own DNS servers that serve their clients requests, an improperly secured system can allow an adversary to create a new root zone (.) on their DNS servers and then create nested zones like com, net, etc. Through this they can spoof addresses for every client behind that DNS server or simply just perform a DoS on client lookups.

Adversaries can also request zone transfers from improperly secured servers and learn a lot about the internal setup of a corporate network including server names and IP addresses.

It is important for ISPs and companies to secure their DNS systems because although DNS serves a simple purpose, it can be an easy target for adversaries. Simple solutions like secured zone transfers and split DNS configurations are easy to implement and can be very effective against stopping these kinds of attacks.

]]>