ICANN/GNSO GNSO Email List Archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

[ga] Study Finds Some DNS Servers Still Not Patched Against Cache Poisoning Flaw

  • To: Ga <ga@xxxxxxxxxxxxxx>, ICANN Policy staff <policy-staff@xxxxxxxxx>, "twomey@xxxxxxxxx" <twomey@xxxxxxxxx>
  • Subject: [ga] Study Finds Some DNS Servers Still Not Patched Against Cache Poisoning Flaw
  • From: "Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>
  • Date: Tue, 11 Nov 2008 00:02:20 -0800

All,

  Well it seems that errant DNS configurations is still largely
not been adaquately addressed by ICANN's SSAC and
others..

See:
(November 10, 2008)
A recent survey of Domain Name System (DNS) servers found that despite
widespread press coverage given to a critical DNS vulnerability earlier
this year, 25 percent of servers that allow open recursion have not yet
been patched.   According to the study, 45 percent of administrators
responding to the survey said they lack the necessary resources to
address the DNS vulnerability, and 30 percent said they do not know
enough about DNS to do so.  The survey also shows that 90 percent of DNS
servers are running recent versions of the Berkeley Internet Name
Domain, or BIND 9; there has also been a significant decrease in the use
of Microsoft DNS Server, which is not highly secure.  One disappointment
is the low rate of adoption of DNSSec, "a security protocol that allows
DNSD queries and answers to be digitally signed and authenticated;"
those statistics could change as .gov domains in the US are required to
implement DNSSec by the end of 2009.
http://www.gcn.com/online/vol1_no1/47524-1.html?topic=security
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9119724&source=rss_topic17

http://dns.measurement-factory.com/surveys/200810.html

Regards,

Spokesman for INEGroup LLA. - (Over 284k members/stakeholders strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln
"YES WE CAN!"  Barack ( Berry ) Obama

"Credit should go with the performance of duty and not with what is
very often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B;
liability depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS.
div. of Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail
jwkckid1@xxxxxxxxxxxxx
My Phone: 214-244-4827



<<< Chronological Index >>>    <<< Thread Index >>>