Internet flaw could let hackers take over the Web

Took them long enough to find this out. What a loophole!
--------------------------------------------------------------------------------------
Internet flaw could let hackers take over the Web
Associated Press
Posted online: San Francisco, July 9: IST


Wednesday, July 09, 2008 at 0805 hrs Computer industry heavyweights are hustling to fix a flaw in the foundation of the Internet that would let hackers control traffic on the World Wide Web.

Major software and hardware makers worked in secret for months to create a software "patch" released yesterday to repair the problem, which is in the way computers are routed to web page addresses.

"It's a very fundamental issue with how the entire addressing scheme of the Internet works," Securosis analyst Rich Mogul said in a media conference call.

"You'd have the Internet, but it wouldn't be the Internet you expect. (Hackers) would control everything."

The flaw would be a boon for "phishing" cons that involve leading people to imitation web pages of businesses such as bank or credit card companies to trick them into disclosing account numbers, passwords and other information.

Attackers could use the vulnerability to route Internet users wherever they wanted no matter what website address is typed into a web browser.

Security researcher Dan Kaminsky of IOActive stumbled upon the Domain Name System (DNS) vulnerability about six months ago and reached out to industry giants including Microsoft, Sun and Cisco to collaborate on a solution.

DNS is used by every computer that links to the Internet and works similar to a telephone system routing calls to proper numbers, in this case the online numerical addresses of websites.

"People should be concerned but they should not be panicking," Kaminsky said.

Kaminsky built a web page, www.doxpara.com, where people can find out whether their computers have the DNS vulnerability.

Check your DNS Server Here