The 5 Reasons to Worry about Your DNS
DNS servers are one of the most critical, yet vulnerable, network infrastructure applications
“Security is a complete myth on the Internet. It’s frustrating. That’s what it is.”
2001 may seem like a long time ago, but in truth, the various DNS servers that are deployed around the world are no more secure now than they were then. Indeed all of the DNS security attacks, from Denial of Service attacks to complete DNS server compromise are far more common now than they were six years ago. And the hackers are more ambitious too. In February of this year, in a mass pharming attack, hackers set up 50 spoof web sites for 50 different financial institutions from North America, Europe and Asia in an attempt to steal the personal financial details of web users. And in the same month, hackers launched a massive attack on the 13 root servers that run the Internet in an attempt to bring the Internet to a grinding halt. They failed, but nevertheless, for a while they caused problems with six of the 13 servers, neutralizing two of them.
The Domain Name System
Every web site has a DNS server that points to it, and every ISP provides web users access to the Internet through a DNS server. Collectively these DNS servers make up most of the global Domain Name System that makes the modern miracle of the Internet possible. The DNS translates domain names (names of computer hosts) into numerical IP addresses in the same way that a phone book links people’s names to phone numbers. It translates a domain name like www.ExampleWebSite.com into an IP address like 22.214.171.124. The IP address can then be used to route requests or email from any computer anywhere to some other computer somewhere else. Every time you use a browser or send an email you give the world’s DNS yet another little task to carry out.