 |  |  |  |  |  |  |  |
New security threats as DNS flaw is uncovered
If you're visiting a known site such as Google.com, you're perfectly safe, right? Wrong. New DNS vulnerabilities in Microsoft's Windows 2000 and 2003 severs could potentially allow a DNS server to get hijacked, and redirect a user to a completely different site than they expected to see.
The vulnerability exists in the RPC protocol (Remote Procedure Call), which is supposed to get services from other applications on the network. By using a basic stack overflow technique, hackers can compromise the target machine and gain access to the routing table.
This becomes extremely dangerous. Cybercrooks could redirect a visitor to a phishing site instead of the site they originally intended to visit, stealing credit card information and personal information. Email could be rerouted to different servers.
Seeing how old Windows 2000 is, it's a little surprising that someone didn't discover this sooner. Nearly 7 years since it was released, and a vulnerability that's so simple to take advantage of for any somewhat-knowledgeable hacker.
Good news is that owners of servers running on Windows XP and Vista have nothing to worry about; the security bug does not exist in these versions.
While you're waiting for your Windows 2000 server to get patched by Microsoft, they recommend disabling the remote-administration option which is needed to exploit the vulnerability. There's also ports that you can block on your firewall which will effectively stop RPC, and thus the attacks.
Perhaps now server owners see a benefit to upgrading to Vista...
The vulnerability exists in the RPC protocol (Remote Procedure Call), which is supposed to get services from other applications on the network. By using a basic stack overflow technique, hackers can compromise the target machine and gain access to the routing table.
This becomes extremely dangerous. Cybercrooks could redirect a visitor to a phishing site instead of the site they originally intended to visit, stealing credit card information and personal information. Email could be rerouted to different servers.
Seeing how old Windows 2000 is, it's a little surprising that someone didn't discover this sooner. Nearly 7 years since it was released, and a vulnerability that's so simple to take advantage of for any somewhat-knowledgeable hacker.
Good news is that owners of servers running on Windows XP and Vista have nothing to worry about; the security bug does not exist in these versions.
While you're waiting for your Windows 2000 server to get patched by Microsoft, they recommend disabling the remote-administration option which is needed to exploit the vulnerability. There's also ports that you can block on your firewall which will effectively stop RPC, and thus the attacks.
Perhaps now server owners see a benefit to upgrading to Vista...
Similar Threads
- Trojan threats & Norton (IT Professionals' Lounge)
- System Alert:Malware threats (Viruses, Spyware and other Nasties)
- threats, virus, etc cant be removed (Viruses, Spyware and other Nasties)
- What should I do against threats from the net? (Viruses, Spyware and other Nasties)
| Thread Tools | Search this Thread |
You need to join our community in order to build your list of favorite forums. You can visit the forum index for a listing of all forums.
Related Forum Features
Latest Domains and DNS Posts
- Today's Posts
- Unanswered Threads
adobe advice antivirus apple attack blackhat botnet browser business cable cellphone china conficker crime cybercrime daniweb data database dataloss ddos development dns domains email emailretention encryption exploit facebook firefox fraud gmail google government hack hacker hacking hardware information internet iphone kaspersky leopard linux mac macosx malware mcafee mckinnon microsoft mobile mozilla nasa network news obama os password passwords patch paypal pdf pentagon phishing politics privacy redhat report research satnav scam search security software softwaredevelopment sophos spam spyware sqlinjection strider survey symantec terrorism trends trojan twitter typo-squatting uk usb virus vista vulnerability warning web webmail windows windows7 worm xp yahoo zeroday
