Today's Best Tech Deals
Picked by PCWorld's Editors
Top Deals On Great Products
Picked by Techconnect's Editors
Crooks Redirect Your Browser to Their Scam Web Sites
Danger level: High | Likelihood: High | Target: Businesses
Odds are, you use Domain Name System servers every day. They translate human-friendly names like "www.pcworld.com" into the numerical IP addresses that computers use to find each other on the Internet. Your ISP has its own DNS server, as do most companies. The Internet can't get by without them.
But more than a million DNS servers around the world--up to 75 percent of all servers, according to networking firm The Measurement Factory--run old or misconfigured DNS software. Such systems are subject to a wide enough range of serious attacks that the SANS Institute, a computer security research and education organization, lists DNS software as one of the top 20 Internet vulnerabilities. For example, it was widely reported that cybercrooks used misconfigured DNS servers in lethal denial-of-service attacks that forced antispam firm Blue Security to shut its doors permanently in May.
Attacks work in several ways. One tactic is "cache poisoning," where an offender can simultaneously target everyone who uses the DNS server. A successful attack tricks a company's or ISP's server into sending everyone who uses it to a phishing or other malicious site. You might type 'www.americanexpress.com' or 'www.yahoo.com', but you will end up at a Web site that installs an arsenal of malware on your computer.
Another lethal ploy: When bad guys send spoofed requests to DNS servers that are recursive, the servers respond by sending answer messages to the intended victim. The responses contain more data than the original requests, which thus magnifies the attack beyond what the crooks could send themselves. The hapless victim is completely overwhelmed by garbage data and can't respond to genuine requests from regular users.
- Ask your company's IT group to make sure your DNS server is not recursive and its software is up-to-date. For more information, consult the US-CERT report.
Walmart Promo Code
Walmart promo code for an additional $10 off grocery app orders
25% off home decor - Target offer
Home Depot Coupon
Extra 10% off Home Depot coupon for back to school essentials
Save $250 on luxury-brand watches with eBay coupon
Sign up today for 15% off Overstock coupon
$549 Humboldt Queen mattress: JCPenney coupon