DNS Protocol Suffer from the Major Vulnerability, Leaving user under Risk

Share it:
After the discovery of the major vulnerability "Heartbleed" on the Open SSL, many of the organisation is being found a victim of the vulnerability. Two days before another major vulnerability dubbed as Covert Redirect were reported on the authentication OAuthand OpenID. But this may not the end till yet, as another  security vulnerability is being reported.

A significant new security vulnerability has been found in the DNS protocol by a group of Israeli students from the Technion’s Department of Computer Sciences, which allows the attackers to redirect users to a website they control.

The Technion Students, Roee Hay and Jonathan Kalechstein from the Faculty of Computer Science, discovered a Loophole in Security of the DNS Protocol whichallows attackers to be redirected to a bogus website while they are trying to visit a legitimate one.

What is DNS?
DNS is the master address list for the Internet, which translates IP addresses into human readable form and vice versa. The DNS translates Internet domain and host names toIP addresses. DNS automatically converts the names we type in our Web browser address bar to the IP addresses of Web servers hosting those sites.

The researchers have discovered a way to force DNS servers for asking information to a specific server controlled by attackers that could respond with fake IP addresses.

Dr. Gabi Nakibly. explains the process as follows,
“During the resolution of name to IP address, DNS servers look for the server storing the corresponding IP address,” “The weakness that the students found allows hackers to compel a DNS server to connect with a specific server chosen out of a set of potential servers. If that server is controlled by the attacker, that DNS server will receive a false IP address. This type of cyber attack gives hackers an advantage, by causing computers to ‘talk’ with network stations that they alone control without being able to detect the occurrence of the fraud.”

With the vulnerability, attacker can  redirect the mass number of users to the to a website they control to serve a malware or a phishing website to steal the users information.

“We were very surprised to find a loophole in the protocol,” “We reported it to the authorities responsible for its implementation, they responded that they were unaware of this problem, and added that they will replace the algorithms in the next software version release.” commented said Kalechstein.

As the discovery was a result of the research conducted by the Students at Technion, security experts haven’t observed attacks exploiting the flaw.
“Since this is a complex attack chances are hackers won’t use it. Still, it’s always important to protect yourself before entering important websites like banks, health clinics and so on, in addition to making online credit-card payments as secure as possible. The best means of defense is to verify the website’s digital signature. Any self-respecting website has a digital signature, you can check it using your browser and make sure it’s real,” said AlonGoldfiz, senior systems engineer at Fortinet..
What to DO?
Till yet a patch of the vulnerability is not been released, so  users are advised to check the URL of the visiting link and also check the URL of the page which asked for any credentials. And for malicious page, keep your antivirus or anti malware program update and also you can install the various browser extension of the antivirus.

Scource:- Securityaffairs
Image:- THN
Share it:

News

Security

Vulnerability

Post A Comment:

0 comments:

Follow by Email