DNSSEC Compromised Again?

"DNS Security Extensions is supposed to be the technology that helps to secure the Domain Name System, or DNS , against attack. Yet DNSSEC servers aren't always infallible, as a pair of vulnerabilities proved this week.

"While it's critical to the operation of the Internet as a whole, DNS came under intense scrutiny in 2008 after security researcher Dan Kaminsky disclosed that it was at risk from a widespread vulnerability. Developing a long-term solution to DNS security problems is what the creation of DNSSEC is all about.

"Yet, this week, researchers identified DNSSEC itself as being at risk from a cache-poisoning attack."

Complete Story

Related Stories:

• DNSSEC under attack?(Nov 30, 2009)
• What DNS Is Not(Nov 09, 2009)
• Open-source Project Aims to Makes Secure DNS Easier(Jul 31, 2009)
• BIND 10 starts development(Apr 24, 2009)
• Learning to Use DNS Tools(Feb 03, 2009)
• Coalition to Secure DNS Takes Shape(Dec 08, 2008)
• IETF: Should We Ignore the Kaminsky Bug?(Nov 21, 2008)
• Networking 101: Understanding IP Addresses(Jul 25, 2008)