A Software consultant residing in Seattle named Kaminsky finally revealed the hole which stays at the heart of the Internet. His 80 minute detailed analysis mentions a catastrophic bug threatening of poisoning the machines which translate domain names into Internet protocol addresses.
The abstract point is that there is a major loop hole in the DNS system which Internet relies on since 1983. This problem arose while converting the domain names in to the respective IP address.
What Kaminsky discovered is that the safeguard to prevent tampering and DNS queries include a random transaction number. The response is only considered valid if it contains the same number and may be easily circumvented, for there are just 65,536 possible transaction ID’s. By flooding a DNS server with multiple requests for a domain name with slight variations for example 1.livearticles.info , 2.livearticles.info, 3.livearticles.info, and so on, the system can be easily compromised because it actually increases the chances of reproducing the correct number after every try by the attacker. If the attacker has a good built CPU with a descent Internet connection he can easily short burst the target.
We can only hope that this implementation is not still used by any attacker and we cannot be sure of that. Now the fortune 500 companies have their eye on Kaminsky about his warning patch. The truth is that among Fortune 500 companies, 15 per cent have yet to take any action, and another 15 per cent are still vulnerable to some extent because they use network address translation gear that prevents the patch from working.
Via: Wired
