During the recent Denial of Service (DoS) attack on a large international registrar effecting over 7.5 million web sites in 48 hours, i have learnt of an effective Internet vulnerability. I am only writing about it as once you read it, it is common knowledge and is only dangerous if you were inclined to try to crash the Internet. In which case you would have already figured this out.
The majority of the worlds Name Servers use the < .com> TLD. < .com> is also the worlds most popular domain for web sites. If an attack were successful on the .com servers, one expert has suggested that up to 60% of the Internet could be affected. Considering the resources required for a DoS attack and the recent outbreak of the latest Conficker or Kido Internet worm outbreak that no one has yet ascertained it’s purpose. All we are told is that it will check to see if you have a Ukranium keyboard, if yes it leaves you alone, if no then it will infect your computer. We are also told that over 15 million computers have been infected. Are we looming towards a major attack on our Internet ?.
This reminds me of the vulnerabilities in the DNS that have been largely ignored since the DNS was created and could cause catastrophe for the Internet.
Why are the owners of large name servers and ISP’s not using a myriad of TLD’s for their Name Servers ?. I can only imagine the reason is because it is easier to use a .com for all Name Servers.
Likewise, many web sites in New Zealand use a .nz Name Server unless they are hosted overseas. The fact that concerns me more is that a Victoria University project called “honeypot” revealed that the number of compromised servers in the .nz space have almost doubled in the past 2 years. Does this mean that the .nz space could be just as easily compromised ?.
.
.
.
Leave a Reply