
Internet flaw could let hackers take over the Web

Discussion in 'News' started by wagnerk, Jul 9, 2008.

  1. wagnerk

    wagnerk aka kitkatninja Moderator


    Internet flaw could let hackers take over the Web

    SAN FRANCISCO (AFP) - Computer industry heavyweights are hustling to fix a flaw in the foundation of the Internet that would let hackers control traffic on the World Wide Web.

    Major software and hardware makers worked in secret for months to create a software "patch" released on Tuesday to repair the problem, which is in the way computers are routed to web page addresses.
    "It's a very fundamental issue with how the entire addressing scheme of the Internet works," Securosis analyst Rich Mogull said in a media conference call.

    "You'd have the Internet, but it wouldn't be the Internet you expect. (Hackers) would control everything."

    The flaw would be a boon for "phishing" cons that involve leading people to imitation web pages of businesses such as bank or credit card companies to trick them into disclosing account numbers, passwords and other information.

    To read the whole article, see here.

    Certifications: CITP, PGDip, BSc, HNC, LCGI, PTLLS, MCT, MCITP, MCTS, MCSE, MCSA:M, MCSA, MCDST, MCP, MTA, MCAS, MOS (Master), A+, N+, S+, ACA, VCA, etc... & 2nd Degree Black Belt
    WIP: MSc in Tech Management


    1. tripwire45
      The article doesn't really say what the issue is/was (which I suppose is good). I'm also unclear as to just how this "patch" is applied. The quote above seems to suggest that it might be at the level of the individual computer. If so, is it OS dependent? If Microsoft and Cisco are the main players in this game, what about Mac and Linux/UNIX? Or am I being dense?
    2. UKDarkstar
      Stuff the Internet!

      Bring back CIX on a 1200/75 baud modem! :twisted:

      (err, probably showing my age a bit here!)
    3. tripwire45
      Not as much as your name/av's reference to a 34-year-old movie. :wink:
    4. Crito
    5. hbroomhall
      'Insufficient randomness' is the currently quoted reason for the patch.

      The patch is for DNS servers rather than clients, and each vendor has to do their own fix.

      Details of the actual fault are being withheld for 30 days to allow most places to fix the problem so we don't get people trying to break things while the patching is going on.

    6. Crito
      Give me the information and I'll decide how serious the problem is. Otherwise nothing is going to get patched. You can't just disrupt business because "Paul Vixie says so". That's not going to fly anywhere.
    7. hbroomhall
      Actually - it is flying a lot. A large number of ISPs in the UK are patching their systems to my knowledge.

      Mind you - there is sufficient known about the problem and the patch to convince most system admins. What isn't known is the supposed 'shortcut' that this guy has found. However - the current fix is the same however he has done it - increase randomness.

    8. zebulebu
      I'm convinced this flaw is behind, or partially behind, the recent hijackings of IANA and ICANN that have crept under the radar of the mainstream press. Usually I couldn't give a monkey's about this sort of thing, but this time I'm taking it seriously - it's not so much the implications for our own infrastructure that worry me, more the potential for someone to start using our sites as a launchpad for XSS attacks. I don't want to start getting phone calls from irate people telling me our DNS infrastructure was used to con them out of their banking passwords!

      I think I posted before that something like this vulnerability has certainly been postulated before, and may well already be out there in the wild but limited to 'real' hackers rather than script kiddies. I've heard it discussed in government security circles in the past, but never had any concrete information on it.

      Ordinarily I'd agree with Crit - there's so much scaremongering done by security companies that you just start to get immune to all the bull**** that flies around - only this time I'm taking notice.
    9. Crito

      "Red Hat's response to update bind through RHN, patching the DNS hole, made a fatal error which will revert all name servers to caching only servers. This meant that anyone running their own DNS service promptly lost all of their DNS records for which they were acting as primary or secondary name servers. Expect quite a few services provided by servers running RHEL to, errr, die until their system administrators can restore their named.conf."

      ... and sometimes the cure is worse than the disease.
    10. hbroomhall
      Some of the comments to that posting suggest that the OP has made some silly errors, and the fault might not be RedHat's.

    11. onoski
      It would be nice to hear how this hole can be patched, just too much screaming with no one coming out with a solid solution :)
    12. Crito
      IMVHO, it should have been treated as a bug and corrected as part of the normal build/test/release cycle. This hole had never been exploited and wasn't costing anybody anything. It certainly didn't warrant screaming "hackers are going to take over the internet".
