Survey finds DNS servers security features good, but for the configuration

Network appliance firm, Infoblox, finds in its latest annual Domain Name System survey that more that 50% of name servers on the internet are vulnerable to pharming attacks.

An excerpt from InternetNews

The Infoblox study revealed that more than half of all DNS servers allow for recursive queries. The reason why recursive queries shouldn't be allowed unilaterally is the fact that they can be used to relay requests to other DNS servers and enable DNS pharming and poisoning attacks.

So-called phishers use DNS cache poisoning in an attack known as "pharming," in which a "poisoned" DNS server redirects users to the phisher's Web site. The "poison" is essentially false DNS information that is injected into a vulnerable DNS server.

The full report is available here.

DNS servers are responsible for mapping the domain names to IP addresses, which makes them important targets to channel traffic to scam sites. The survey found that security concerns were a main reason for wider adoption of latest version of the BIND ( Berkeley Internet Name Domain), but the lack of attention in configuring these servers was a reason for the threats.

More information:

DNS users put higher premium on security (Techworld)

DNS security improves as firms tool up to tackle spam (Register)

Half of DNS servers vulnerable to attack (ZDNet)

DNS servers still vulnerable (IT Pro)