Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/16/2009
11:51 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

NeuStar Rolls Out Cache Defender DNS Authentication System

Cache Defender deploys proprietary NeuStar appliances both in the core of an ISP network and at each node of NeuStar's UltraDNS Directory Services Platform

STERLING, Va., June 16 /PRNewswire-FirstCall/ -- NeuStar, Inc. (NYSE: NSR) today announced the availability of Cache Defender(TM), a secure DNS authentication system that mitigates a fundamental flaw in how traffic is managed on the Internet. This vulnerability, brought to public attention last year by security researcher Dan Kaminsky, allows criminal elements to engage in "DNS cache poisoning" for the malicious hijacking of domain names and results in consequent damage from large-scale identity theft, among other illegal activities.

Cache poisoning causes erroneous addresses to be provided to users, directing them to fraudulent websites where their sensitive data can be "pharmed." Continued advances in processing speeds have made it much easier for criminal elements to exploit this fundamental DNS vulnerability. For example, a major Brazilian financial institution was recently the subject of a pharming attack launched from a poisoned DNS cache at a leading Brazilian ISP.

Cache Defender is a patent-pending system that deploys proprietary NeuStar appliances both in the core of an ISP network and at each node of NeuStar's UltraDNS Directory Services Platform. This creates a secure link between each recursive and authoritative server, preventing malicious DNS responses from poisoning the recursive server's cache and protecting all of the participating ISP's customers. While it may well take years for Domain Names System Security Extensions (DNSSEC) to be widely adopted by the industry, Cache Defender is currently the only global solution that can protect Internet users and brands with the most useful benefits of end-to-end DNSSEC.

"The security of DNS infrastructure is critical to the security of the Internet as a whole," said Lydia Leong, research director for Enterprise Network Services at Gartner. "Businesses need to keep in mind that their Internet presence is only as available and secure as their DNS infrastructure. New DNS vulnerabilities continue to emerge, and need to be taken seriously by businesses and service providers alike."

The recursive DNS server is the first step for all Internet activity, as it begins and ends the DNS resolution process that directs users to their desired websites by providing IP addresses for requested domains.

Cache Defender leverages NeuStar's UltraDNS Directory Services Platform, a global authoritative DNS infrastructure that powers the DNS for over 20 million domains and thousands of enterprise customers globally.

"The DNS vulnerability identified by Dan Kaminsky represents one of the most serious threats ever to face the Internet," said Rodney Joffe, senior vice president and senior technologist at NeuStar. "Until DNSSEC has been adopted by the entire Internet community - an event that is still many months and possibly years away - NeuStar's Defender can help an ISP protect its recursive servers from malicious cache poisoning."

Cache Defender can be implemented immediately by any ISP and delivers the following benefits:

-- Participating ISPs receive cache poisoning protection for domains supported by the UltraDNS Platform. -- End users of participating ISPs are shielded from identify theft resulting from such pharming attacks. -- NeuStar's UltraDNS enterprise customers are protected from pharming attacks based on cache poisoning, thus safeguarding their online revenue and brand equity.

Grande Communications, a Texas-based communications company providing residential and business customers with high-speed Internet, telephony, and digital cable services over a single network, has recently deployed NeuStar's Cache Defender. "The threat of cache poisoning of recursive DNS servers is very real, and it is critical that the industry takes every precaution to minimize the threat," said Lamar Horton, Director of Network Engineering at Grande Communications. "We were very impressed with both the advanced security and ease of deployment of NeuStar's Cache Defender, and pleased to bring our customers additional peace of mind to their Internet experience."

"We have been a very satisfied customer of NeuStar's UltraDNS Services for several years, and have benefited from the increased reliability and security it has brought our authoritative DNS," said Tom Gade, manager of the Server Infrastructure Team at Allianz Global Investors.

"We are delighted that NeuStar will now protect our brand and revenue streams from malicious pharming attacks. Cache Defender provides additional levels of security for our online customers by addressing this critical vulnerability to which we are susceptible whenever our DNS answer is cached in a partnering ISP. We cannot get this protection anywhere else."

More information about NeuStar's UltraDNS suite of services is available at http://www.ultradns.com/.

About NeuStar

NeuStar (NYSE: NSR) provides market-leading and innovative services that enable trusted communication across networks, applications, and enterprises around the world. For more information, visitwww.neustar.biz.

About Grande Communications

Headquartered in San Marcos, Grande Communications(R)is building a deep-fiber broadband network to homes and businesses from the ground up. Grande delivers high-speed Internet, local and long-distance telephone and digital cable over its own advanced network to communities inTexas. Grande's bundled service area includes portions of Austin, Corpus Christi, suburban northwest Dallas, Midland, Odessa, San Antonio,San MarcosandWaco. Grande also leverages its telephone and data infrastructure by serving enterprises and communications carriers nationwide with broadband transport services and network services. Grande's voice network terminates traffic worldwide, offering both traditional and IP-based services; its managed modem network provides coverage nationwide; and its private line and metropolitan networks provide optical services inTexasand surrounding states. Grande's 5,000-fiber-mile network incorporates SONET-based technology for protection, diversity and optimal performance.www.grandecom.com

About Allianz Global Investors

Allianz Global Investors, the asset management subsidiary of Allianz SE, has EUR 920bn of assets under management for our clients worldwide.

The Allianz Global Investors investment managers - AAAm, NFJ Investment Group, Nicholas-Applegate, Oppenheimer Capital, PIMCO and RCM - offer their own distinctive philosophy and culture, and provide clients with a comprehensive and constantly evolving range of investment styles and products. Our approximately 4,700 employees around the globe, including more than 950 investment professionals, are committed to helping our clients achieve their goals by combining global expertise and local market knowledge with innovative solutions and world-class professional service. (source: Allianz Global Investors as at 31st December 2008 - latest available - unless otherwise stated)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-28331
PUBLISHED: 2020-11-24
Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initialization scripts read a de...
CVE-2020-28928
PUBLISHED: 2020-11-24
In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow).
CVE-2020-28994
PUBLISHED: 2020-11-24
A SQL injection vulnerability was discovered in Karenderia Multiple Restaurant System, affecting versions 5.4.2 and below. The vulnerability allows for an unauthenticated attacker to perform various tasks such as modifying and leaking all contents of the database.
CVE-2020-13620
PUBLISHED: 2020-11-24
Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration.
CVE-2020-13942
PUBLISHED: 2020-11-24
It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint. This was partially fixed in 1.5.1 but a new attack vector was found. In Apache Unomi version 1.5.2 scripts are now completely filtered from the input. It is highly recommended to upgrade to the latest ava...