The Internet gets a patch, as DNS bug is fixed

The Internet gets a patch, as DNS bug is fixed Makers of the software used to connect computers on the Internet collectively released software updates Tuesday to patch a serious bug in one of the Internet's underlying protocols, the Domain Name System (DNS). The bug was discovered "by complete accident," by Dan Kaminsky, a researcher with security vendor IOActive. Kaminsky, a former employee of Cisco Systems, is already well-known for his work in networking. By sending certain types of queries to DNS servers, the attacker could then redirect victims away from a legitimate Web site -- say, Bofa.com -- to a malicious Web site without the victim realizing it. This type of attack, known as DNS cache poisoning, doesn't affect only the Web. It could be used to redirect all Internet traffic to the hacker's servers. Although this... [read full story]