Domain Name System is once again front and center for exploits and security policy

/in


Two recent events are once again bringing the internet’s foundational Domain Name System into the news, and not in a good way.

The first event involving the DNS last week was a warning from the Cybersecurity Infrastructure and Security Agency issued on Friday for version 9 of the Berkeley Internet Name Domain, or BIND.

It calls attention to three exploits that were disclosed and requires updates to this open source software, which is used by thousands of companies and government websites to translate the alphabetic domain names, such as SiliconANGLE.com, and a set of numerical IP addresses, such as like 35.91.118.127, back and forth. The exploits would allow remote malware execution, although none has yet been observed in the wild.

DNS is an essential glue protocol that almost every internet-related service depends on, and BIND is the most popular way DNS entries are manipulated and managed. Exploits are common targets for hackers, who can redirect traffic to their own malicious destinations, useful for phishing and subsequent data stealing operations. The recent Microsoft Layer 7 attack, for example, leveraged a few DNS exploits.

This isn’t the first alert regarding BIND, and isn’t even the first alert seen in 2023: Back in January, there was another alert that could cause denial-of-service and other system failures. Both alerts urge users to update their versions to current patched levels.

The second news item relevant to DNS concerns an open letter issued Friday by Vint Cerf, Stephen Crocker, Carl Landwehr and several others, entitled “Concerns over DNS Blocking.” The authors of this Medium post have been involved in internet protocol development and overall internet governance for decades.

The letter was sent in response to a draft bill under consideration in the French parliament entitled draft Military Planning Law 2024-2030 that was issued in early May. The authors state that the proposals “pose grave risks for global Internet security and freedom of expression.”

The meat of the proposed laws would enable wholesale DNS blocking of any internet provider operating in France. The authors claim the proposals would do more harm than good, and they…

Source…