Today's Best Tech Deals
Picked by PCWorld's Editors
Top Deals On Great Products
Picked by Techconnect's Editors
Crooks Redirect Your Browser to Their Scam Web Sites
Danger level: High | Likelihood: High | Target: Businesses
Odds are, you use Domain Name System servers every day. They translate human-friendly names like "www.pcworld.com" into the numerical IP addresses that computers use to find each other on the Internet. Your ISP has its own DNS server, as do most companies. The Internet can't get by without them.
But more than a million DNS servers around the world--up to 75 percent of all servers, according to networking firm The Measurement Factory--run old or misconfigured DNS software. Such systems are subject to a wide enough range of serious attacks that the SANS Institute, a computer security research and education organization, lists DNS software as one of the top 20 Internet vulnerabilities. For example, it was widely reported that cybercrooks used misconfigured DNS servers in lethal denial-of-service attacks that forced antispam firm Blue Security to shut its doors permanently in May.
Attacks work in several ways. One tactic is "cache poisoning," where an offender can simultaneously target everyone who uses the DNS server. A successful attack tricks a company's or ISP's server into sending everyone who uses it to a phishing or other malicious site. You might type 'www.americanexpress.com' or 'www.yahoo.com', but you will end up at a Web site that installs an arsenal of malware on your computer.
Another lethal ploy: When bad guys send spoofed requests to DNS servers that are recursive, the servers respond by sending answer messages to the intended victim. The responses contain more data than the original requests, which thus magnifies the attack beyond what the crooks could send themselves. The hapless victim is completely overwhelmed by garbage data and can't respond to genuine requests from regular users.
- Ask your company's IT group to make sure your DNS server is not recursive and its software is up-to-date. For more information, consult the US-CERT report.
Walmart Promo Code
Walmart promo code for an additional $10 off grocery app orders
Target Promo Code
Target discounts - 30% off Halloween costumes
Home Depot Coupon
The Home Depot coupon - 10% off $300 order
eBay coupon: $5 off first purchase
Sign up today for 15% off Overstock coupon
60% off $325+ gold & silver jewelry