The Broadband Guide
SG
search advanced

Critical BIND bug could crash large portions of the internet

2015-08-04 09:38 by
Tags: , , ,

 

Hackers have started exploiting an extremely severe vulnerability in the widely used software utility BIND. It is one of the most popular DNS servers in the world and is used by most DNS providers.

The vulnerability number CVE-2015-5477 details an exploit that allows a remote, unauthenticated attacker to crash DNS servers using BIND by sending a specially crafted command.

The attack is reportedly so easy that a hacker could take down large chunks of the internet in a single move. And when many hackers do the same thing simultaneously, it would cause a noticeable outage and serious implications for the internet.

"Because of its severity we've been actively monitoring to see when the exploit would be live," Daniel Cid, founder and CTO of security firm Sucuri, wrote in a blog post published Sunday. "We can confirm that the attacks have begun. DNS is one of the most critical parts of the Internet infrastructure, so having your DNS go down, it also means your e-mail, HTTP, and all other services will be unavailable."

A patch for the flaw is already available, but many systems are yet to be updated. It's the only way to protect a system against the attack.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About