All the latest UK technology news, reviews and analysis
|
|
|
05 Oct 2001
Almost 80 per cent of .com websites could be compromised by hackers, according to research by DNS software developer Men & Mice.
Ongoing research has found that a quarter of Fortune 1000 companies were running servers with vulnerable DNS setups. This means that around 250 multinational corporates are at risk of losing their websites.
And it's not just hackers or worms that are the worry: there is no protection from natural outages either. If the single network segment housing their DNS servers fails, the site goes down.
Despite high profile attacks followed by higher profile warnings and advisories about configuration and flaws in the Bind software, a majority of websites still suffer from DNS bugbears.
Worryingly, the results of the latest Domain Health Survey, from August, shows that 78.96 per cent of 5000 randomly selected internet zones have incorrect setups.
Men & Mice found that a majority of errors were caused by administrators misconfiguring DNS zone setups, causing "lame delegations".
Despite leaving security holes in the system, lame delegations can cause potentially serious problems for web visitors and for delivery of mail.
If only one of the servers to which the zone is delegated has authoritative data for the zone, then if that server should become unavailable, the zone is effectively not locatable from the net. It doesn't matter if there are other servers that have authoritative data for the zone, because they are not listed in the delegation.
The report noted that although 36.16 per cent of zones block zone transfer, "this has no effect on the security of the zone data itself, and only provides security by obscurity," said Men & Mice.
A high number of vulnerable sites are also those guilty of not applying patches to fix the serious vulnerabilities found in Bind software back in January.
Men & Mice said these unpatched servers could "allow hackers to steal credit card numbers, hijack websites or redirect email traffic."
You can see the full reports here.
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
CISCO CCNP NETWORK ENGINEER - INVESTMENT BANKING - LONDON...
One of London's leading retailers is currently recruiting...
Agile, Prince2. My client, a global ecommerce organisation...
E-Commerce Producer - Oxfordshire - Permanent My client...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?