Please support our Tech Talk advertiser:
Featured Entry 
Apr 16th, 2007, 1:29 am
If you're visiting a known site such as Google.com, you're perfectly safe, right? Wrong. New DNS vulnerabilities in Microsoft's Windows 2000 and 2003 severs could potentially allow a DNS server to get hijacked, and redirect a user to a completely different site than they expected to see.
The vulnerability exists in the RPC protocol (Remote Procedure Call), which is supposed to get services from other applications on the network. By using a basic stack overflow technique, hackers can compromise the target machine and gain access to the routing table.
This becomes extremely dangerous. Cybercrooks could redirect a visitor to a phishing site instead of the site they originally intended to visit, stealing credit card information and personal information. Email could be rerouted to different servers.
Seeing how old Windows 2000 is, it's a little surprising that someone didn't discover this sooner. Nearly 7 years since it was released, and a vulnerability that's so simple to take advantage of for any somewhat-knowledgeable hacker.
Good news is that owners of servers running on Windows XP and Vista have nothing to worry about; the security bug does not exist in these versions.
While you're waiting for your Windows 2000 server to get patched by Microsoft, they recommend disabling the remote-administration option which is needed to exploit the vulnerability. There's also ports that you can block on your firewall which will effectively stop RPC, and thus the attacks.
Perhaps now server owners see a benefit to upgrading to Vista...
The vulnerability exists in the RPC protocol (Remote Procedure Call), which is supposed to get services from other applications on the network. By using a basic stack overflow technique, hackers can compromise the target machine and gain access to the routing table.
This becomes extremely dangerous. Cybercrooks could redirect a visitor to a phishing site instead of the site they originally intended to visit, stealing credit card information and personal information. Email could be rerouted to different servers.
Seeing how old Windows 2000 is, it's a little surprising that someone didn't discover this sooner. Nearly 7 years since it was released, and a vulnerability that's so simple to take advantage of for any somewhat-knowledgeable hacker.
Good news is that owners of servers running on Windows XP and Vista have nothing to worry about; the security bug does not exist in these versions.
While you're waiting for your Windows 2000 server to get patched by Microsoft, they recommend disabling the remote-administration option which is needed to exploit the vulnerability. There's also ports that you can block on your firewall which will effectively stop RPC, and thus the attacks.
Perhaps now server owners see a benefit to upgrading to Vista...
This blog entry was written by John Altenmueller, staff writer aka John A. It has received 1,290 views, 0 comments, and 1 linkback. 1 voter has rated this entry 5 out of 5 stars. It was promoted to featured status Apr 16th, 2007.
•
•
•
•
advice antivirus apple botnet browser business crime cybercrime daniweb data development dos email encryption exploit firefox forensic fraud google hacking hardware help information internet iphone kaspersky linux malware mcafee michael knight microsoft mobile news phishing privacy report research satnav search security software spam spyware terrorism trojan virus vista web windows worm
All Recent Tags Post Comment
•
•
•
•
Only community members can start a blog or comment on blog entries. You must register or log in to contribute.
•
•
•
•
•
•
•
•
DaniWeb Tech Talk Marketplace
Related Blog Entries
- Viacom defends itself over YouTube data log disclosure (23 Hours Ago)
- Apple slow to patch iPhone security holes (1 Day Ago)
- Microsoft 'Equipt' to Battle Free Software (1 Day Ago)
- 12,000 laptops lost in US airports EVERY WEEK (2 Days Ago)
- Ballmer Again Chomping At The Bit for Yahoo (3 Days Ago)
- Apple iPhone 3G creates shortage of flash memory chips (3 Days Ago)
- Seeing double, twice, with Matrox M-Series QuadHead GPU (4 Days Ago)
- Good-bye Windows XP, Hello Open Source? (4 Days Ago)
- Tux, Please Pass The Packets. (5 Days Ago)
- The ipodmechanic is sued by Apple (8 Days Ago)
Related Forum Threads
- Cannot find server or DNS Error - on MS download sites (Windows NT / 2000 / XP / 2003)
- Which one to choose? (Web Developers' Lounge)
- Which one to choose? (Computer Science and Software Design)
- What are all these Processes? (Windows NT / 2000 / XP / 2003)
- A few simple (probley stupid) questions (Getting Started and Choosing a Distro)
