Connect with us
X
Categories:

Technology

Unsecure DNS resolvers provide a significant danger of website hijack

Published

on

Unsecure DNS resolvers provide a significant danger of website hijack
Share this post:

Hidden DNS (domain name system) resolvers create a means for carrying out email redirection and account takeover attacks, security researchers warn.

In a technical blog post, SEC Consult explains how it’s possible to manipulate the DNS name resolution of these so-called closed DNS resolvers using a variant of cache poisoning attacks (PDF), which were first unveiled by celebrated network security researcher Dan Kaminsky way back in 2008.

Cache from chaos

Previous research by SEC Consult has shown how it’s possible for an attacker to take over user accounts of web applications by manipulating DNS name resolution.

Closed DNS resolvers are used by numerous hosting providers and other internet service providers (ISPs) to provision services to their clients. As the name suggests, closed DNS resolvers reside on closed networks or intranets.

However, ‘closed’ is a bit of a misnomer in the context of SEC Consult’s research because the researchers have shown how it might be possible for external actors to abuse the functionalities of web applications to readily attack closed resolvers.

They found that attack reconnaissance is possible by exploiting how closed DNS resolvers interact with spam protection mechanisms on the open internet.

This could help an attacker understand DNS security features like source port randomization, DNSSEC, IP fragmentation, and, more simply by exploiting registration, password-reset, as well as newsletter functionalities of web applications that rely on closed resolvers.

Scouring the web

SEC Consult used two open source tools – DNS Reset Checker and the DNS Analysis Server – to analyze DNS traffic from targeted systems in order to identify vulnerabilities.

In practical terms, this attack reconnaissance work involved sending emails to some well-known domains and specifying the analysis domain as the sending domain. This allowed the researchers to identify thousands of systems that used static source ports, a security oversight that left them vulnerable to Kaminsky-style attacks.

“After sending emails to roughly 50k domains, we’ve received and analyzed DNS data for approximately 7,000 of them,” SEC Consult explains. “Among those 7,000 domains, at least 25 were using static source ports. By going down the rabbit hole again, thousands of more domains using static source ports were discovered.”

None of a sample of 25 vulnerable resolvers were using or enforcing additional security features such as DNSSEC, SEC Consult discovered.

Affected services were running behind domains operated by both small and big businesses, and sites delivering governmental services and political campaigns.

DNS cache poisoning insecurities can be abused to manipulate records and redirect emails – a security shortcoming that would allow an attacker to abuse the password reset functionalities of WordPress and Joomla installations, among others.

The attack technique can be used to hijack even a fully patched WordPress installation, SEC Consult was able to demonstrate.

The infosec firm has held back on publicly releasing the exploit code it developed to attack WordPress systems, because of concerns that awareness of the issue is low, which would leave many web-based systems accessible through closed DNS resolvers open to attack.

SEC consult spoke to ISPs, hosting providers, and computer emergency response teams (CERTs) about the issue in the months prior to going public with its findings last week.

Cache out

Independent DNS security experts said that the research highlighted a valid concern.

Cricket Liu, chief DNS architect at Infoblox, told Daily Swig: “I don’t think this is particularly novel – we talked about this sort of thing back in the heyday of the Kaminsky vulnerability – but it’s relevant because there are still some DNS servers out there that don’t use source port randomization.”

Containing exotic attacks

Even though legacy Kaminsky attacks are definitely not the ‘next big thing’ it would be unwise to dismiss the issue as unfashionable, according to SEC Consult.

Timo Longin, a security consultant at SEC Consult, told Daily Swig: “The DNS provides very exotic and unknown attack vectors that should be brought to the attention of the infosec community! For example, we found some hosting providers where it would potentially be possible to compromise all hosted servers by password-reset hijacking users via the providers’ control panel”.

To safeguard systems, vulnerable DNS resolvers must be patched and configured securely. Some best practices for securing your own DNS resolvers can be found at Google and at DNS flag day. Alternatively, large public DNS providers such as Google, Cloudflare, or Cisco can also be used.

Countermeasures for new DNS attacks are usually implemented quickly by these large providers, according to SEC Consult.


Get More Stories Like This On: Facebook: @AllNaijaEntertainment, Twitter: @AllNaijaEntertainment
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Expanding Living Space
Lifestyle3 weeks ago

Expanding Living Space: Prefabricated Workshop Building Kits for Extra Rooms

BeBe Winans
Lyrics1 month ago

BeBe Winans – It All Comes Down to Love [Lyrics]

BeBe Winans
Music1 month ago

[Music] BeBe Winans – It All Comes Down to Love

The Countdown Begins to the Tournament That Has It All
ANE Football Analytical2 months ago

AFCON 2023: A Sporting Spectacle Set to Captivate the World

Litecoin: What Makes It The Crypto Winner?
Technology3 months ago

Runny Inflation Can Drive Cryptocurrency Adoption

Black and White French Bulldog puppies Frenchie Joy
Lifestyle3 months ago

Black and White French Bulldog puppies Frenchie Joy

3 Serious Reasons to Keep Your Teenager Away From Social Media
Lifestyle3 months ago

3 Serious Reasons to Keep Your Teenager Away From Social Media

Boxing vs MMA What Makes Them So Different
Sports4 months ago

Boxing vs MMA: What Makes Them So Different

Roisea: Most Advanced Crypto Trading Platform for Bitcoin
Technology4 months ago

NFTs and Intellectual Property Rights: Shaping Creative Ownership

The Birth of a Rugby Nation South Africas Love Affair with the Sport
Sports8 months ago

The Birth of a Rugby Nation: South Africa’s Love Affair with the Sport

A Beginner's Guide to Radicle (RAD): The Future of Peer-to-Peer Development
Technology9 months ago

A Beginner’s Guide to Radicle (RAD): The Future of Peer-to-Peer Development

Analysis of Nigeria's Renewable Energy Sector: Opportunities and Challenges
Technology10 months ago

Analysis of Nigeria’s Renewable Energy Sector: Opportunities and Challenges

Casino Gaming Poker
Sports10 months ago

What Are The Various Types Of Online Slots?

Luka Modric celebrates after scoring Real Madrid's second goal against Celta Vigo.
Sports11 months ago

Luka Modric set to join Ronaldo in Saudi Arabia’s Al Nassr

WHO World Health Organization
Health11 months ago

WHO debunks claims that tuberculosis is caused by witchcraft, poison

Atiku Abubakar
News11 months ago

2023 Election: Why DSS must arrest Fani-Kayode – Atiku

PDP Logo Umbrella
News11 months ago

PDP suspends National Chairman

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories11 months ago

[STORY] THE PASTOR’S DAUGHTER (Final Episode 13)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 12)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 11)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 10)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 09)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 08)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 07)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 06)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 05)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 04)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 03)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 02)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Episode 01)

The Pastor Daughter Story by Miriam Edem _ ANE Story
ANE Stories12 months ago

[STORY] THE PASTOR’S DAUGHTER (Complete Episodes)

Papa Loves His Girls by Opeyemi Ojerinde Akintunde_ANE Stories
ANE Stories12 months ago

[STORY] PAPA LOVES HIS GIRLS (Episode 16)

Papa Loves His Girls by Opeyemi Ojerinde Akintunde_ANE Stories
ANE Stories12 months ago

[STORY] PAPA LOVES HIS GIRLS (Episode 15)

Papa Loves His Girls by Opeyemi Ojerinde Akintunde_ANE Stories
ANE Stories12 months ago

[STORY] PAPA LOVES HIS GIRLS (Episode 14)

Papa Loves His Girls by Opeyemi Ojerinde Akintunde_ANE Stories
ANE Stories12 months ago

[STORY] PAPA LOVES HIS GIRLS (Episode 13)

Papa Loves His Girls by Opeyemi Ojerinde Akintunde_ANE Stories
ANE Stories12 months ago

[STORY] PAPA LOVES HIS GIRLS (Episode 12)

Papa Loves His Girls by Opeyemi Ojerinde Akintunde_ANE Stories
ANE Stories12 months ago

[STORY] PAPA LOVES HIS GIRLS (Episode 11)

Papa Loves His Girls by Opeyemi Ojerinde Akintunde_ANE Stories
ANE Stories12 months ago

[STORY] PAPA LOVES HIS GIRLS (Episode 10)

Papa Loves His Girls by Opeyemi Ojerinde Akintunde_ANE Stories
ANE Stories12 months ago

[STORY] PAPA LOVES HIS GIRLS (Episode 09)

Papa Loves His Girls by Opeyemi Ojerinde Akintunde_ANE Stories
ANE Stories12 months ago

[STORY] PAPA LOVES HIS GIRLS (Episode 08)

ANE Billboard Hots