DNSSEC Compromised Again?
Jan 22, 2010, 12:04 (0 Talkback[s])
(Other stories by Sean Michael Kerner)
"DNS Security Extensions is supposed to be the technology that
helps to secure the Domain Name System, or DNS , against attack.
Yet DNSSEC servers aren't always infallible, as a pair of
vulnerabilities proved this week.
"While it's critical to the operation of the Internet as a
whole, DNS came under intense scrutiny in 2008 after security
researcher Dan Kaminsky disclosed that it was at risk from a
widespread vulnerability. Developing a long-term solution to DNS
security problems is what the creation of DNSSEC is all about.
"Yet, this week, researchers identified DNSSEC itself as being
at risk from a cache-poisoning attack."