Internet ‘Poisoning’ Opens Corporate Networks Security Vulnerability
Identity Theft a ‘Doddle’ and Email and Web Browsing Information Insecure
Integralis introduces 3 point security solution
Theale, Reading – 30 July 2008 – A major new security risk, ‘DNS cache poisoning’, has been discovered which can reroute web browser and email traffic to fraudulent criminal servers without the security protection in place being aware of any problems. Integralis has introduced a three point solution which will provide an immediate fix to eliminate these security risks and will also address and provide long term protection.
Graham Jones, UK Managing Director at Integralis adds, “With email and browser based ‘in the cloud’ applications playing a major part in day-to-day business transactions, a security breach of this kind could have catastrophic business and personal implications. Identity Theft and Business Espionage are immediate threats and stolen competitive information could be sold to the highest bidder. Our three point solution puts an immediate stop to any security breaches and enables future security problems to be managed correctly”.
The security vulnerability has been found in the control of the internet DNS (Domain Name System) ‘translation and routing’ system. The vulnerability allows a hacker to reroute information sent to across the internet, in such a way that existing security software and appliances may not detect a security problem. Once the routing has been changed the hackers can then extract any information transmitted. This can enable identity theft and major criminal activity on both a personal and business basis.
DNS Cache Poisoning - is a hacking attack technique that allows an attacker to introduce ‘fake’ DNS information into a caching nameserver (a computer that converts domain names into appropriate IP addresses and vice versa acting as the translation and routing interface for email servers and web browsers). The same ‘poisoned’ DNS information can also be held on a workstation if DNS caching is also set up at a workstation level.
Once ‘poisoned’ the DNS routing is changed to take legitimate URL requests and send them to a ‘rogue’ server, which looks and acts like the actual server. Because the link has been made via a valid nameserver existing email and web browsers could see no security issue as the nameserver is deemed ‘trustworthy’.
Unlike phishing attacks where an email has an embedded link to a fake address, DNS poisoning makes the fake address appear 100% legitimate and therefore can bypasses security already in place.
The Integralis three point solution
1) FAST STOP - An immediate and comprehensive solution to stop the security breach is to install and configure the Infoblox DNSone® security package to use the root DNS servers and only trust authoritative name servers. This will address the vulnerability for all email and internet traffic immediately. Once implemented, individual patches can be applied across the network in the knowledge that any poisoned DNS addresses will be nullified by the DNSone solution.
2) PATCH - Integralis will then work directly with security vendors to supply details of software patches available to close this security vulnerability. The patches can be applied directly by users or by Integralis. Patches will need to be applied to all network security appliances, network servers and clients which cache DNS information.
3) ASSESS - An assessment of current security protection which will enable an organisation to gain a good understanding of the information security issues they may have and to develop an action plan for long term protection to ensure they have the right controls in the right place.
How DNS is utilised
DNS is responsible for translating internet addresses into technical IP addresses which are used to route web browsers and emails to the correct servers. DNS validity is checked by web email servers and browsers such as Microsoft Internet Explorer, Mozilla Firefox, Apple Safari and Opera, to ensure that the internet address being used is safe, secure and valid.
About Integralis AG
Integralis AG (listed in the Prime Standard of the German stock exchange, ticker symbol AAGN, ISIN DE0005155030) is the leading focused Global Security Services Provider. Integralis manages security responsibilities for small and mid-size companies, government bodies and large corporations allowing customers to concentrate on their core business.
We advise customers on their IT Security strategy delivering consultancy, audits, risk management, comprehensive 24/7 support and implementation of the most appropriate technology from leading vendors. Integralis also implements a wide range of Managed Security Services throughout their technology infrastructures on its customer’s behalf.
Our growing corporate and government customers are supported by over 425 employees worldwide and an expanding network of 20 regional centres across Europe and the United States.
Information on Integralis is available at www.integralis.co.uk
About Infoblox DNSone®
The DNSone package delivers reliable, manageable, scalable, and secure core network services at a lower cost and with higher security than server-software and with greater network availability than any competing solution.
Information on Infoblox & DNSone can be found at www.infoblox.com
All trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners
Download images of Graham Jones, UK MD, Integralis:
Lo-res for web use:
Hi-res for print publication:
PR AGENCY: INSIGHT
Wendy Miles/Mark Robson
Account Manager/Account Director
01344 871 926/01344 871 910
firstname.lastname@example.org / email@example.com
0118 923 5338
This press release was distributed by ResponseSource Press Release Wire on behalf of Insight Marketing Concepts in the following categories: Consumer Technology, Business & Finance, Computing & Telecoms, for more information visit https://pressreleasewire.responsesource.com/about.