Hackers attack DNS exploit, ISPs failing to update servers

theregister.co.uk are reporting that many ISPs have still not acted up on the now infamous DNS security flaw and miscreants are actively exploiting the gaping hole in the internet's address lookup system that can cause millions of web surfers to receive counterfeit pages when they try to access online banking services and other types of websites.

many laggard internet service providers reported to be dragging their feet in applying patches that fix the devastating DNS flaw. Dan Kaminsky says more ISPs appear to be getting the message. Last week, about 51 per cent of unique name servers tested on his site (see the "check my DNS" button to the right) showed up as vulnerable. Now, he says it's closer to 35 percent.

Test your own ISP here.

If it still fails then you can always update your settings to use OpenDNS

OpenDNS

My current ISP is VirginMedia née NTL née Diamond Cable and has generally been pretty reliable, what issues I have had with connectivity and browsing have often been DNS related.

Most people have experienced this problem at some time, you type in the website address and hit enter then there is a long delay before the website appears, or doesn't appear instead you get an error message. This is quite often the result of Domain Name System (DNS) problems, DNS is the system where the websites alphanumeric name (e.g www.virginmedia.com) is converted into the IP number (212.250.162.12) , effectively it's an internet phone book.

If that system is slow or fails either due to server load, or connectivity problems it creates a delay or failure when using the internet. Also like much of the original infrastructure of the internet DNS was not originally designed with security in mind, and thus has a number of security issues have occured, such as DNS Cache poisoning which has lead to phishing attacks. Because DNS works in the background the idea behind these attacks is to feed the browser an alternative IP address we redirects it to spoof and fake website, either in an attempt to introduce malware or to harvest personal information for ID fraud from the unsuspecting user.

In an attempt to offer a solution to these growing problems or reliability, speed and security David Ulevitch created OpenDNS in July 2006.

OpenDNS offers DNS resolution for consumers and businesses as an alternative to using their internet service provider's DNS servers. The system comprises of servers in strategic locations and employing a large cache of the domain names, the result is DNS queries are usually processed much more quickly, increasing page retrieval speed.

Other features of OpenDNS include a phishing filter and typo error correction (for example, typing wikipedia.og instead of wikipedia.org). By collecting a list of malicious sites, OpenDNS blocks access to these sites when a user tries to access them through their service. OpenDNS has also launched Phishtank, where computer users around the world can submit and review suspected phishing sites. OpenDNS can also be configured to limit access to adult related sites. Details of all the features on offer can be found here.

I have switched my network to OpenDNS, full instructions and HowTos are available on the site. It was painless and simple, browsing does seem quicker but I haven't used it long enough to really comment on the speed improvements but the ability to view statistics and lots of graphs is enough to convince me!