 |
 |
|
|
|
|||||||||||||||||||||||||||||||||||||
|
Study: Domain Name System security still lax
(IDG) -- Companies rushed to upgrade Domain Name System software after warnings were issued in late January about a flaw in widely used DNS software. In the past weeks, however, upgrading has come to a halt, concludes the Iceland DNS consultancy and software firm Men & Mice. Men & Mice tested the DNS systems for the Web sites of Fortune 1000 companies and random, .com domains at set dates after the alerts were released. The results were made public on the company's site. The Computer Emergency Response Team (CERT) at Carnegie Mellon University, meanwhile, said this week that it has begun receiving reports of Berkeley Internet Name Domain (BIND) holes being successfully exploited.
BIND, distributed free by the Internet Software Consortium (ISC), is software run by companies and Internet service providers to translate text-based Internet addresses into numbered IP addresses. Versions including both 4.9.x prior to 4.9.8 and 8.2.x are not secure, according to CERT. The day after CERT and Network Associates' PGP security subsidiary sent out the warnings, 33.3 percent of Fortune 1000 sites were using a bad version of BIND and 40.27 percent of .com domains were vulnerable. A week later, the figures were down to 17.4 percent and 16.73 percent, respectively, Men & Mice said. After the big drop, which Men & Mice attributed to the "extensive media coverage" about the issue, the pace of companies updating DNS software fell sharply. The latest tests, run on Feb. 21, showed that 12.4 percent of Fortune 1000 companies and 13.1 percent of dot-coms were still using insecure DNS software. Men & Mice ran a similar test for DNS software used in the national domains of Germany (.de) and Switzerland (.ch) and the U.K.'s commercial domain (.co.uk). Software for those domains was updated, but 15.29 percent of DNS servers in Germany, 11.54 percent in Switzerland and 9.87 percent of the U.K.'s commercial domains remained vulnerable as of Feb. 21. RELATED STORIES:
Fix for DNS software hole released RELATED IDG.net STORIES:
Survey: 25% of Fortune 1000 has bad DNS RELATED SITES:
ISC |
|
|
SCI-TECH
Study: Gadget sales flat Protest slams Dell's use of prison labor Steve Jobs keeps Apple in the limelight (MORE)
![[CNN.com]](http://i.cnn.net/cnn/images/newsnet/cnnlogo.gray.gif){kind=small} TOP STORIESN. Y. plans to heal skyline Stocks rise on Case departure Lieberman's presidential announcement today New arrests may be linked to UK ricin scare (MORE)
![[SI.com]](http://i.cnn.net/cnn/images/main/si.logo.gif){kind=logo} SPORTSJordan says farewell for the third time Shaq could miss playoff game for child's birth Ex-USOC official says athletes bent drug rules (MORE)
 All Scoreboards
|
|
|||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||
| Back to the top | |
© 2003 Cable News Network LP, LLLP.
A Time Warner Company. All Rights Reserved. Terms under which this service is provided to you. Read our privacy guidelines. Contact us. |
![[CNN Money]](http://i.cnn.net/cnn/images/main/fn.logo.newsnet.gif){kind=logo}
(