A Quarter Of DNS Servers Still Vulnerable

Maybe DNS should stand for <strong>Do Not Secure</strong>. Half a year after the announcement of of a Domain Name System flaw and about a quarter of the DNS servers that should have been patched haven't been.

Keith Ferrell, Contributor

November 11, 2008

1 Min Read
Dark Reading logo in a gray background | Dark Reading

Maybe DNS should stand for Do Not Secure. Half a year after the announcement of of a Domain Name System flaw and about a quarter of the DNS servers that should have been patched haven't been.Six months, you'd think, is plenty of time to get the world's domain name servers patched against the cache poisoning vulnerability revealed and widely discussed, well, six months ago.

You'd think that more readily, of course, if you hadn't seen just this sort of lax, sloppy approach to patches taken before, both by businesses and consumers.

So probably we shouldn't be surprised that, according to new survey research undertaken by Infoblox and The Measurement Factory, 25 percent of the DNS servers that were vulnerable half a year ago still are.

While there's some noise being made about the 75 percent patch rate actually being better than expected,that's clearly a semi-silk purse at best. The sow's ear is the huge number of unpatched machines still out there, still vulnerable, operated by companies that, it seems safe to suppose, just don't care.

An Executive Summary of the Infoblox/Measurement Factory DNS findings is here.

Infoblox has a nice collection of technical information related to DNS Best Practices here.

Read more about:

2008

About the Author

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights