Survey: 1 in 4 DNS servers still vulnerable to Kaminsky flaw

Annual report shows 25 percent of DNS servers still susceptible to cache poisoning via the Kaminsky flaw, 40 percent vulnerable to distributed denial of service attacks

Despite industry efforts to lock down DNS servers, one in four remain vulnerable to cache poisoning due to the well-documented Kaminsky flaw identified earlier this year and another 40 percent could be considered a danger to themselves and others, recent research shows.

According to the fourth annual DNS report issued by The Measurement Factory, 25 percent of DNS servers in the sample group have not been upgraded to perform source port randomization, which is considered the patch for the vulnerability identified earlier this year by Dan Kaminsky, director of penetration testing at IOActive. The industry group bases its study on a sample that includes 5% of the IPv4 address space, or 80 million addresses.

"A surprising number of have not been upgraded and are very vulnerable to cache poisoning," according to a press release from IP address management vendor Infoblox and DNS service and tools provider DNSstuff.

A separate survey of 466 enterprise online customers conducted by DNSstuff in September revealed that 9.6 percent hadn't patched their DNS servers yet and 21.9 percent didn't know if they were patched. The findings show that despite the DNS community's and several vendors' efforts, a significant number of server administrators have yet to take action. As for the reasons behind the lack of patches, more than 45 percent cited a lack of internal resources, 30 percent said they were unaware of the vulnerability and 24 percent reported they didn't have enough knowledge of DNS to take the appropriate steps. DNSstuff's customer research also found that the most common DNS issues include e-mail downtime for 69 percent, distributed denial-of-service (DDoS) attacks and cache poisoning attacks for nearly half of respondents and spoofing for 18.5 percent.

Another potentially worrisome finding is that more than 40 percent of Internet name servers allow recursive queries, leaving "millions of open recursors on the Internet, a danger both to themselves and others -- they are vulnerable to cache poisoning and DDoS attacks," The Measurement Group reports. Another 30 percent of those addresses sampled allow zone transfers to arbitrary requesters, which make servers targets for DoS attacks.

"Even if an enterprise has gone to the trouble of patching against the Kaminsky vulnerability, there are many other aspects of configuration, like recursion and open zone transfers, that should also be secured," said Cricket Lui, vice president of architecture at Infoblox, in a press release. "If not, organizations are essentially locking their door to the house, but leaving the windows wide open."

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags dns flawKaminsky

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Denise Dubie

Network World
Show Comments

Cool Tech

Breitling Superocean Heritage Chronographe 44

Learn more >

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?