04 June 2009
Security for Internet's Root Zone Finally Implemented
The U.S. government announced on Wednesday that it plans to digitally sign the Internet's root zone by the end of the year, a move that would end years or even decades of inaction in protecting the Internet's most important asset.
The U.S. Department of Commerce's NTIA (National Telecommunications and Information Administration) said it was going to ask for the assistance of VeriSign and ICANN (Internet Corporation for Assigned Names and Numbers) to put the measure, known as DNSSEC (Domain Name System Security Extensions), into operation. Last October, the two agencies presented two distinct requests that offered stridently divergent goals for putting the complex framework into place.
According to a statement released by the NTIA, both parties are working on a short-term method of deploying and executing the security technology, DNSSEC, at the commanding root zone (that is, the DNS, or the address book) of the Internet. It then plans to hold follow-up discussions with the worldwide web's technical community while the implementation and testing schemes are being worked out.
The vague and ambiguous NTIA statement didn't answer a lot of questions about the roll-out, especially the individual responsibilities and roles of ICANN and VeriSign in the project. The details about when a permanent solution can be expected and how far the interim quick fix will go went unanswered as well.
The responses to such queries are important given the vulnerabilities in today's MD5-using DNS. In 2008, Dan Kaminsky, the Director of Penetration Testing and security researcher for IOActive, showed in an understandable manner how to generate fraudulent certificate authentication in the root zone, which acts as the trustworthy document for rerouting web requests, e-mail, and other web traffic.
The bug, which is an intrinsic design flaw found in DNS's use of the MD5 algorithm format, has the potential to destroy the browser trust model as we know it because it provides an easy, low-cost way for hackers to attack websites of government agencies, banks, credit card companies, and similarly sensitive organizations. As Kaminsky said, any cyber criminal can defeat all security measures within the information superhighway by merely taking control of DNS.
Under last year's proposals, VeriSign and ICANN provided opposing points of view on why each should supervise the root key. With regard to their competing takes on DNS supervision, neither the representatives of VeriSign nor the NTIA spokesperson was able to comment on the matter.