Hackers Can Target URL/IP Conversion

According to a security expert at Sucuri, a firm devoted to dealing in network security, there is a flaw in DNS software that allows attackers to crash the system. Regular Internet users are mostly not affected. The Internet Systems Consortium among others has urged system administrators to patch the bug in Bind. Here is more information about the bug itself.

internet-systems-consortium-bind-bug-fix-patch-bind

Bugs like these have in recent times rocked the Internet. Heartbleed and others have created major holes in web servers trying to do anything more than display HTML pages, and even those were insecure due to some.

Bind is the software used by many systems to convert a naked URL to an IP address which the browser can do something with although the filename in the browser bar is still displayed in plain English for the user. According to the bug page:

Both recursive and authoritative servers are vulnerable to this defect. Additionally, exposure is not prevented by either ACLs or configuration options limiting or denying service because the exploitable code occurs early in the packet handling before checks enforcing those boundaries.

Author:

Website: http://phm.link

P. H. Madore has covered the cryptocurrency beat over the course of hundreds of articles for Hacked's sister site, CryptoCoinsNews, as well as some of her competitors. He is a major contributing developer to the Woodcoin project, and has made technical contributions on a number of other cryptocurrency projects. In spare time, he recently began a more personalized, weekly newsletter at http://ico.phm.link