Access "DNSSEC deployments gain momentum since Kaminsky DNS bug"
This article is part of the July/August 2009 issue of Why privileged account management is critical to today's data security
There's a certain Energizer Bunny quality to the Domain Name System. It just goes and goes and goes, usually without much maintenance. Problem is, while it's hassle-free, DNS usually isn't very secure. Last July, researcher Dan Kaminsky exposed DNS' worst-kept secret. His now famous cache-poisoning bug turned DNS--best known for translating human readable domain names into IP addresses that servers understand--into center stage of the computer security world. The little protocol that could was quickly the biggest problem on the Web. Suddenly, it was relatively easy for attackers to redirect requests to malicious websites where phishing attacks or SQL injections awaited. And aside from an ambitious patching effort, coordinated by Kaminsky, and pulled off by a gaggle of vendors including Cisco, Microsoft, the Internet Systems Consortium (ISC), and others, there was little in the way of a permanent fix. His bug not only kicked off a firestorm of publicity and new disclosure debates, but it cast a glaring light on DNS' shortcomings. It also renewed interest in ... Access >>>
Premium Content for Free.
ISP shutdown latest cat-and-mouse game with hackers
While the 3FN.Net shutdown had limited impact on cybercriminals, it signaled that the private sector and the government are serious about illegal activity.
DNSSEC deployments gain momentum since Kaminsky DNS bug
DNSSEC brings PKI to the Domain Name System and prevents dangerous cache poisoning attacks. Implementation difficulties and political battles, however, keep it from going mainstream.
- ISP shutdown latest cat-and-mouse game with hackers
Privileged account management critical to data security
Regulatory requirements and economic realities are pressuring enterprises to secure their privileged accounts.
Unified threat management products gaining midmarket, enterprise foothold
Unified threat management (UTM) appliances offer consolidated security services in a single, manageable firewall/VPN appliance. But purchase and use only the security options you need. Otherwise you will pay too much for the appliance and for tools that won't make your business more secure
- Privileged account management critical to data security
Editor's Desk: Google security needs HTTPS by default
Security's leading thinkers ask Google to turn on HTTPS by default for Gmail, Docs and Calendar.
Align your data protection efforts with GRC
Data protection and compliance teams battle for resources but need each other to succeed.
- Editor's Desk: Google security needs HTTPS by default
More Premium Content Accessible For Free
For many security teams, "continuous monitoring" is a vague concept associated with FISMA compliance. A continuous monitoring program can be simple ...
The variety and sheer number of network endpoints, users and devices in the enterprise today is driving IT's demands for enhanced security features ...
Enterprises leverage open source software for the perceived quality of the code, but the Heartbleed flaw has made many question their use of ...