Alert Issued on Unauthentic Software Sites
The German Federal Agency for Security in Information - BSI- in Bonn is cautioning Web users about a latest and tricky security hole that may attack them when they are online.
Security Analysts at the agency said that the hole is associated with DNS (Domain Name System) and potentially attacks users. Also, explaining the DNS hole, security analysts claimed that the DNS translates the names, which are typed by a user, into a numeric based IP address.
Also, the users know very well that attackers can manipulate DNS severs to redirect them to different sites without their prior consent. It means that users can be taken to phishing sites without their knowledge.
Further, it may lead users to download harmful content on their system in the form of malicious codes, computer Trojan, viruses, adware, spyware or succumbing onto any other kind of security hazard online.
Matthias Gaertner of BSI said that it is unfortunate that not all the service providers have repaired the hole on their DNS servers, with many users think that they are shopping at an Internet shop or conducting online banking but reveal their private details which is further misused by cyber crooks for malicious task, as reported by The Sydney Morning Herald on August 24, 2008.
BSI also commented that internet users could not make sure whether their service providers have updated DNS servers or not. But they can at least check whether they are at risk or not. BSI also claimed that the site DNS-OARC (https://www.dns-oarc.net/oarc/services/dnsentropy) checks whether the provider of the user has dealt with the issue.
As per BSI, if the test displays that the DNS is still open to these types of attacks, then users prohibit their surfing until it is fixed. This implies that do not visit bank site or divulge private details.
Matthias also said that changes in the DNS setting, i.e attempting to redirect the DNS settings on the user's system to another DNS server, need knowledge of technical knowledge. , Therefore, it requires urgent fix before it exploits online users.
Related article: Alerts Launched against Hacking Attacks this Olympic
» SPAMfighter News - 01-09-2008