Home | Technology

Improving internet security – it’s about time

Alex Christie

14 April 2010

By way of simple explanation, every website has an IP (internet protocol) address and if you were to type an IP address into your web browser’s address bar then you would be directed to that web site. However, using IP addresses is a bit impractical so URLs are used as they are more memorable. The Domain Name System (DNS) makes the link between the IP address and web address you type in for you and redirects you to the site you requested.

iranian armyThis process takes place at local DNS root servers where the translation and redirection requests are processed. There are about 200 of these servers worldwide which can currently be hacked into relatively easily, as security was not a big consideration when the system was set up in 1983, resulting in users being redirected to websites that they did not request. A recent example was by the Iranian Cyber Army that ‘hacked’ into Twitter and Baidu and redirected users to their own web page.

Whilst this group’s attack was purely political, they could easily have redirected users to websites to infect their computers with malware.

These security problems have been around for a while and the US government named making DNS security as one of the key points in its National Strategy to Secure Cyberspace paper back in 2003!!

Homeland securityWith Domain Name System Security Extension (DNSSEC), this sort of attack would not have been possible. DNSSEC is a way to protect DNS information and ensure that IP addresses and URLs are from a verified source – the root server will wait for a digitally signed response from the web site requested. Without a signed response the user will not be redirected to the requested URL.

DNSSEC has already been deployed in a number of countries, e.g. Bulgaria and Sweden, and will be rolled out to all 200 DNS root servers over the next six months or so.

You will only need to prepare for this changeover if you own a website, and then it will probably be taken care of for you by your hosting company, and uses a process similar to SSL certificates.

LEAVE A COMMENT

IF YOU LIKED THIS POST, YOU MIGHT ALSO LIKE THESE:

Technology Acronyms

We have all been there.  You are in a meeting with a large number of people, when someone starts ratling...

Internet security breach?

Has anyone been noticing the large number of updates thats been circulating throughout your computer...

Microsoft offers free Internet Security

Microsoft has announced its intention to offer a free internet security option called Morro. This as...

Seven simple questions to make the tech guys sweat…

Evaluating and comparing new technology solutions can often be a daunting task, with everyone from...

Net Address Bug Worse Than Feared

A recent fault found in the internet's addressing system found at the Black Hat Conference in Las Vegas...

Grab This Widget