Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/16/2009
11:51 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

NeuStar Rolls Out Cache Defender DNS Authentication System

Cache Defender deploys proprietary NeuStar appliances both in the core of an ISP network and at each node of NeuStar's UltraDNS Directory Services Platform

STERLING, Va., June 16 /PRNewswire-FirstCall/ -- NeuStar, Inc. (NYSE: NSR) today announced the availability of Cache Defender(TM), a secure DNS authentication system that mitigates a fundamental flaw in how traffic is managed on the Internet. This vulnerability, brought to public attention last year by security researcher Dan Kaminsky, allows criminal elements to engage in "DNS cache poisoning" for the malicious hijacking of domain names and results in consequent damage from large-scale identity theft, among other illegal activities.

Cache poisoning causes erroneous addresses to be provided to users, directing them to fraudulent websites where their sensitive data can be "pharmed." Continued advances in processing speeds have made it much easier for criminal elements to exploit this fundamental DNS vulnerability. For example, a major Brazilian financial institution was recently the subject of a pharming attack launched from a poisoned DNS cache at a leading Brazilian ISP.

Cache Defender is a patent-pending system that deploys proprietary NeuStar appliances both in the core of an ISP network and at each node of NeuStar's UltraDNS Directory Services Platform. This creates a secure link between each recursive and authoritative server, preventing malicious DNS responses from poisoning the recursive server's cache and protecting all of the participating ISP's customers. While it may well take years for Domain Names System Security Extensions (DNSSEC) to be widely adopted by the industry, Cache Defender is currently the only global solution that can protect Internet users and brands with the most useful benefits of end-to-end DNSSEC.

"The security of DNS infrastructure is critical to the security of the Internet as a whole," said Lydia Leong, research director for Enterprise Network Services at Gartner. "Businesses need to keep in mind that their Internet presence is only as available and secure as their DNS infrastructure. New DNS vulnerabilities continue to emerge, and need to be taken seriously by businesses and service providers alike."

The recursive DNS server is the first step for all Internet activity, as it begins and ends the DNS resolution process that directs users to their desired websites by providing IP addresses for requested domains.

Cache Defender leverages NeuStar's UltraDNS Directory Services Platform, a global authoritative DNS infrastructure that powers the DNS for over 20 million domains and thousands of enterprise customers globally.

"The DNS vulnerability identified by Dan Kaminsky represents one of the most serious threats ever to face the Internet," said Rodney Joffe, senior vice president and senior technologist at NeuStar. "Until DNSSEC has been adopted by the entire Internet community - an event that is still many months and possibly years away - NeuStar's Defender can help an ISP protect its recursive servers from malicious cache poisoning."

Cache Defender can be implemented immediately by any ISP and delivers the following benefits:

-- Participating ISPs receive cache poisoning protection for domains supported by the UltraDNS Platform. -- End users of participating ISPs are shielded from identify theft resulting from such pharming attacks. -- NeuStar's UltraDNS enterprise customers are protected from pharming attacks based on cache poisoning, thus safeguarding their online revenue and brand equity.

Grande Communications, a Texas-based communications company providing residential and business customers with high-speed Internet, telephony, and digital cable services over a single network, has recently deployed NeuStar's Cache Defender. "The threat of cache poisoning of recursive DNS servers is very real, and it is critical that the industry takes every precaution to minimize the threat," said Lamar Horton, Director of Network Engineering at Grande Communications. "We were very impressed with both the advanced security and ease of deployment of NeuStar's Cache Defender, and pleased to bring our customers additional peace of mind to their Internet experience."

"We have been a very satisfied customer of NeuStar's UltraDNS Services for several years, and have benefited from the increased reliability and security it has brought our authoritative DNS," said Tom Gade, manager of the Server Infrastructure Team at Allianz Global Investors.

"We are delighted that NeuStar will now protect our brand and revenue streams from malicious pharming attacks. Cache Defender provides additional levels of security for our online customers by addressing this critical vulnerability to which we are susceptible whenever our DNS answer is cached in a partnering ISP. We cannot get this protection anywhere else."

More information about NeuStar's UltraDNS suite of services is available at http://www.ultradns.com/.

About NeuStar

NeuStar (NYSE: NSR) provides market-leading and innovative services that enable trusted communication across networks, applications, and enterprises around the world. For more information, visitwww.neustar.biz.

About Grande Communications

Headquartered in San Marcos, Grande Communications(R)is building a deep-fiber broadband network to homes and businesses from the ground up. Grande delivers high-speed Internet, local and long-distance telephone and digital cable over its own advanced network to communities inTexas. Grande's bundled service area includes portions of Austin, Corpus Christi, suburban northwest Dallas, Midland, Odessa, San Antonio,San MarcosandWaco. Grande also leverages its telephone and data infrastructure by serving enterprises and communications carriers nationwide with broadband transport services and network services. Grande's voice network terminates traffic worldwide, offering both traditional and IP-based services; its managed modem network provides coverage nationwide; and its private line and metropolitan networks provide optical services inTexasand surrounding states. Grande's 5,000-fiber-mile network incorporates SONET-based technology for protection, diversity and optimal performance.www.grandecom.com

About Allianz Global Investors

Allianz Global Investors, the asset management subsidiary of Allianz SE, has EUR 920bn of assets under management for our clients worldwide.

The Allianz Global Investors investment managers - AAAm, NFJ Investment Group, Nicholas-Applegate, Oppenheimer Capital, PIMCO and RCM - offer their own distinctive philosophy and culture, and provide clients with a comprehensive and constantly evolving range of investment styles and products. Our approximately 4,700 employees around the globe, including more than 950 investment professionals, are committed to helping our clients achieve their goals by combining global expertise and local market knowledge with innovative solutions and world-class professional service. (source: Allianz Global Investors as at 31st December 2008 - latest available - unless otherwise stated)

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Manchester United Suffers Cyberattack
Dark Reading Staff 11/23/2020
As 'Anywhere Work' Evolves, Security Will Be Key Challenge
Robert Lemos, Contributing Writer,  11/23/2020
Cloud Security Startup Lightspin Emerges From Stealth
Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-29378
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privilege of a CLI user (to full administrative access) by using the password [email protected]#y$z%x6x7q8c9z) for the e...
CVE-2020-29379
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. During the process of updating the firmware, the update script starts a telnetd -l /bin/sh process that does not require authentication for TELNET access.
CVE-2020-29380
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. TELNET is offered by default but SSH is not always available. An attacker can intercept passwords sent in cleartext and conduct a man-in-...
CVE-2020-29381
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. Command injection can occur in "upload tftp syslog" and "upload tftp configuration" in the CLI via a crafted filename...
CVE-2020-29382
PUBLISHED: 2020-11-29
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. A hardcoded RSA private key (specific to V1600D, V1600G1, and V1600G2) is contained in the firmware images.