Kaminsky: Many ways to attack with DNS

Dan Kaminsky says that SSL sites are also vulnerable to the DNS flaw he discovered.

There were 6 a.m. calls from Finnish certificate authorities and also some pretty harsh words from his peers in the security community, even an accidentally leaked Black Hat presentation, but after managing the response to one of the most highly publicized Internet flaws in recent memory, Dan Kaminsky said Wednesday that he'd do it all over again.

Kaminsky's full-time job over the past few months has been working with software vendors and Internet companies to fix a widespread flaw in the DNS (domain name system), used by computers to find each other on the Internet. Kaminsky first disclosed the problem on July 8, warning corporate users and Internet service providers to patch their software as quickly as possible.

On Wednesday, he disclosed more details of the issue during a crowded session at the Black Hat conference, describing a dizzying array of attacks that could exploit DNS. Kaminsky also talked about some of the work he'd done to fix critical Internet services that could also be hit with this attack.

See all the Kaminsky-DNS stories here

By exploiting a series of bugs in the way the DNS protocol works, Kaminsky had figured out a way to very quickly fill DNS servers with inaccurate information. Criminals could use this technique to redirect victims to fake Web sites, but in Kaminsky's talk he described many more possible types of attacks.

He described how the flaw could be used to compromise e-mail messages, software updating systems or even password recovery systems on popular Web sites.

And though many had thought that SSL (Secure Socket Layer) connections were impervious to this attack, Kaminsky also showed how even the SSL certificates used to confirm the validity of Web sites could be circumvented with a DNS attack. The problem, he said, is that the companies that issue SSL certificates use Internet services like e-mail and the Web to validate their certificates. "Guess how secure that is in the face of a DNS attack," Kaminsky said. "Not very."

"SSL's not the panacea we would like it to be," he said.

Another major problem has been what Kaminsky says is the "forgot my password" attack. This affects many companies that have Web-based password recovery systems. Criminals could claim to have forgotten a user's password to the Web site and then use DNS hacking techniques to trick the site into sending the password to their own computer.

In addition to the DNS vendors, Kaminsky said he'd worked with companies such as Google, Facebook, Yahoo and eBay to fix the various problems related to the flaw. "I do not want to see my cell phone bill this month," he said.

Although some conference attendees said Wednesday that Kaminsky's talk was overhyped, OpenDNS CEO David Ulevitch said that the IOActive researcher has performed a valuable service to the Internet community. "The entire scope of the attack is even yet to be fully realized," he said. "This affects every single person on the Internet."

There have been some hiccups, however. Two weeks after Kaminsky first discussed the problem, technical details of the bug were accidentally leaked to the Internet by security company Matasano Security. Also, some high-traffic DNS servers stopped working properly after the initial patch was applied, and several firewall products that do Internet Protocol address translation have inadvertently undone some of the DNS changes made to address this problem.

In an interview after his Black Hat presentation, Kaminsky said that despite all the hassles, he'd still do the same thing again. "Hundreds of millions of people are safer," he said. "Things didn't go perfectly, but it went so much better than I had any right to expect."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Robert McMillan

IDG News Service
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?