>X-From_: [log in to unmask] Wed Jan 13 22:12:40 1999
>Envelope-to: [log in to unmask]
>Date: Wed, 13 Jan 1999 15:36:25 -0500
>To: [log in to unmask]
>From: [log in to unmask]
>Subject: File 'jan99/pr001321.txt' from NEWSdesk
>Reply-To: [log in to unmask]
>A Serious Threat to the Internet Community: One in Every Three On-line
>Organizations Risks Un-Authorized Parties Gaining Access to Their Outgoing
>Email, According to Men & Mice
>REYKJAVIK, Iceland, Jan. 5 /PRNewswire/NEWSdesk -- Software developer Men
>discovered, while testing the latest version of DNS Expert, its DNS (Domain
>Name Server) analysis tool, that approximately one in every three on-line
>organizations is vulnerable to a serious Internet security problem called DNS
>spoofing. These organizations run the risk of un-authorized parties gaining
>access to their outgoing e-mail or their employees being directed to Internet
>sites run by hackers.
> Says Cricket Liu, DNS consultant and co-author of the books "DNS & BIND"
>and "DNS on Windows NT": "DNS spoofing is a very real threat to the integrity
>of activity on the Internet, whether commercial or casual. A successful
>spoofing attack could cause significant damage to an organization's
>reputation, to its customers and correspondents. It's almost a wonder that we
>haven't seen more such attacks on the network."
> Most top-level business managers are not aware of the financial and
>security risks associated with DNS spoofing. The good news is that this
>security problem can easily be diagnosed and solved. Information on tools to
>diagnose the problem and some available solutions may be found at
> What is DNS spoofing?
> DNS spoofing is a term used when a DNS server accepts and uses incorrect
>information from a host that has no authority supplying that information.
>Spoofing attacks can cause serious security problems for companies vulnerable
>to such attacks, for example causing e-mails to be routed to non-authorized
>mail servers, or users to be directed to wrong Internet sites. "To picture
>the potential damage," Cricket Liu points out, "envision visiting your bank's
>web site to transfer funds from one account to another. Unfortunately, the
>web site seems to be having problems: After entering your account information
>and PIN, you still can't access your account data. The web site reports a
>'temporary failure' and invites you to try again later. What you don't
>realize is that the web site you see is actually a near-exact replica of your
>bank's web site -- startlingly easy to create -- and that you've just sent
>your account number and PIN to hackers in another part of the world. Though
>you entered the correct URL, your local name server had been spoofed into
>believing that the bank's domain name corresponded to the address of a web
>server run by hackers."
> What can be done?
> In order to prevent many sources of Internet attacks, it is necessary to
>have the security built into the DNS systems. It is a misconception that
>firewalls prevent such attacks. To minimize the risk of a spoofing attack,
>every organization or individual responsible for a domain should first check
>which type of name server they are using and consult with its developer
>whether it is secure against DNS spoofing or not. It is also important to
>find out whether cooperating parties are using spoofable name servers in order
>to prevent important incoming email being transferred to un-authorized
> The latest version of DNS Expert (v.1.3) can be used to check the
>vulnerability of all types of DNS servers to DNS spoofing and other DNS
>problems. Besides, it is convenient to use DNS Expert 1.3 to test the
>security status of cooperating parties.
> Cricket Liu, at Acme Byte & Wire, has also provided guidelines on how to
>solve the spoofing problem for BIND and the Microsoft DNS Server in his
>presentation "Securing Your Name Server" which can be found at
> Further information is also available at http://www.menandmice.com.
> About Men & Mice
> Men & Mice, headquartered in Reykjavik, Iceland, is a leading developer of
>DNS software. The company is committed to the development of new innovative
>DNS and Internet related software for Windows and Mac OS.
PO Box 8828, Bachbrecht, Windhoek, Namibia
Tel. +264 61 252946
e-mail: [log in to unmask]