Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/16/2009
11:51 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

NeuStar Rolls Out Cache Defender DNS Authentication System

Cache Defender deploys proprietary NeuStar appliances both in the core of an ISP network and at each node of NeuStar's UltraDNS Directory Services Platform

STERLING, Va., June 16 /PRNewswire-FirstCall/ -- NeuStar, Inc. (NYSE: NSR) today announced the availability of Cache Defender(TM), a secure DNS authentication system that mitigates a fundamental flaw in how traffic is managed on the Internet. This vulnerability, brought to public attention last year by security researcher Dan Kaminsky, allows criminal elements to engage in "DNS cache poisoning" for the malicious hijacking of domain names and results in consequent damage from large-scale identity theft, among other illegal activities.

Cache poisoning causes erroneous addresses to be provided to users, directing them to fraudulent websites where their sensitive data can be "pharmed." Continued advances in processing speeds have made it much easier for criminal elements to exploit this fundamental DNS vulnerability. For example, a major Brazilian financial institution was recently the subject of a pharming attack launched from a poisoned DNS cache at a leading Brazilian ISP.

Cache Defender is a patent-pending system that deploys proprietary NeuStar appliances both in the core of an ISP network and at each node of NeuStar's UltraDNS Directory Services Platform. This creates a secure link between each recursive and authoritative server, preventing malicious DNS responses from poisoning the recursive server's cache and protecting all of the participating ISP's customers. While it may well take years for Domain Names System Security Extensions (DNSSEC) to be widely adopted by the industry, Cache Defender is currently the only global solution that can protect Internet users and brands with the most useful benefits of end-to-end DNSSEC.

"The security of DNS infrastructure is critical to the security of the Internet as a whole," said Lydia Leong, research director for Enterprise Network Services at Gartner. "Businesses need to keep in mind that their Internet presence is only as available and secure as their DNS infrastructure. New DNS vulnerabilities continue to emerge, and need to be taken seriously by businesses and service providers alike."

The recursive DNS server is the first step for all Internet activity, as it begins and ends the DNS resolution process that directs users to their desired websites by providing IP addresses for requested domains.

Cache Defender leverages NeuStar's UltraDNS Directory Services Platform, a global authoritative DNS infrastructure that powers the DNS for over 20 million domains and thousands of enterprise customers globally.

"The DNS vulnerability identified by Dan Kaminsky represents one of the most serious threats ever to face the Internet," said Rodney Joffe, senior vice president and senior technologist at NeuStar. "Until DNSSEC has been adopted by the entire Internet community - an event that is still many months and possibly years away - NeuStar's Defender can help an ISP protect its recursive servers from malicious cache poisoning."

Cache Defender can be implemented immediately by any ISP and delivers the following benefits:

-- Participating ISPs receive cache poisoning protection for domains supported by the UltraDNS Platform. -- End users of participating ISPs are shielded from identify theft resulting from such pharming attacks. -- NeuStar's UltraDNS enterprise customers are protected from pharming attacks based on cache poisoning, thus safeguarding their online revenue and brand equity.

Grande Communications, a Texas-based communications company providing residential and business customers with high-speed Internet, telephony, and digital cable services over a single network, has recently deployed NeuStar's Cache Defender. "The threat of cache poisoning of recursive DNS servers is very real, and it is critical that the industry takes every precaution to minimize the threat," said Lamar Horton, Director of Network Engineering at Grande Communications. "We were very impressed with both the advanced security and ease of deployment of NeuStar's Cache Defender, and pleased to bring our customers additional peace of mind to their Internet experience."

"We have been a very satisfied customer of NeuStar's UltraDNS Services for several years, and have benefited from the increased reliability and security it has brought our authoritative DNS," said Tom Gade, manager of the Server Infrastructure Team at Allianz Global Investors.

"We are delighted that NeuStar will now protect our brand and revenue streams from malicious pharming attacks. Cache Defender provides additional levels of security for our online customers by addressing this critical vulnerability to which we are susceptible whenever our DNS answer is cached in a partnering ISP. We cannot get this protection anywhere else."

More information about NeuStar's UltraDNS suite of services is available at http://www.ultradns.com/.

About NeuStar

NeuStar (NYSE: NSR) provides market-leading and innovative services that enable trusted communication across networks, applications, and enterprises around the world. For more information, visitwww.neustar.biz.

About Grande Communications

Headquartered in San Marcos, Grande Communications(R)is building a deep-fiber broadband network to homes and businesses from the ground up. Grande delivers high-speed Internet, local and long-distance telephone and digital cable over its own advanced network to communities inTexas. Grande's bundled service area includes portions of Austin, Corpus Christi, suburban northwest Dallas, Midland, Odessa, San Antonio,San MarcosandWaco. Grande also leverages its telephone and data infrastructure by serving enterprises and communications carriers nationwide with broadband transport services and network services. Grande's voice network terminates traffic worldwide, offering both traditional and IP-based services; its managed modem network provides coverage nationwide; and its private line and metropolitan networks provide optical services inTexasand surrounding states. Grande's 5,000-fiber-mile network incorporates SONET-based technology for protection, diversity and optimal performance.www.grandecom.com

About Allianz Global Investors

Allianz Global Investors, the asset management subsidiary of Allianz SE, has EUR 920bn of assets under management for our clients worldwide.

The Allianz Global Investors investment managers - AAAm, NFJ Investment Group, Nicholas-Applegate, Oppenheimer Capital, PIMCO and RCM - offer their own distinctive philosophy and culture, and provide clients with a comprehensive and constantly evolving range of investment styles and products. Our approximately 4,700 employees around the globe, including more than 950 investment professionals, are committed to helping our clients achieve their goals by combining global expertise and local market knowledge with innovative solutions and world-class professional service. (source: Allianz Global Investors as at 31st December 2008 - latest available - unless otherwise stated)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat Researcher,  10/21/2020
Are You One COVID-19 Test Away From a Cybersecurity Disaster?
Alan Brill, Senior Managing Director, Cyber Risk Practice, Kroll,  10/21/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-21269
PUBLISHED: 2020-10-27
checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink.
CVE-2020-27743
PUBLISHED: 2020-10-26
libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a non-random/predictable session_id.
CVE-2020-1915
PUBLISHED: 2020-10-26
An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application usi...
CVE-2020-26878
PUBLISHED: 2020-10-26
Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py.
CVE-2020-26879
PUBLISHED: 2020-10-26
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.