HomeCommunitySecurity Blog

Security Blog

 

Baidu's First Look at the Weakness of the Current DNS System

Posted By Netgear Threat Lab at 5:33 PM, January 24, 2010

One of the world's top four search engines Bidu, who has 75% of the search engine market share in China, was hacked earlier this month. It is reported that the number of people affected by this could be up to 120 million.

We believe that large networks of businesses such as Baidu, invest a lot on network security. They deploy layers security including anti-virus, vulnerability discovery, intrusion detection, DDoS attack prevention, etc... But Baidu still got hacked, taken down for over five hours. Why?

Because what Baidu encountered was a DNS hijacking attack. The inherent weakness of the DNS system has left Baidu and other enterprises helpless and exposed to this type of attack.

We know that the global DNS system is a hierarchial system, with the root and core registration system located in the United States. This means that the core of the domain is not in the control of the domain owner, so once hackers hijack DNS resolution from the root the domain name owner is powerless.

At the same time, since DNS caching and synchronization takes time, even if the root entry is repaired, there is still a period of time needed for the correct entry to synchronize globally. This means repairs for such problems will be a lengthy process.

We believe that the future, people will pay more attention to the root DNS security issues. But as long as the robustness of the system is not fundamentally improved, this kind of problem will continue to happen.

Posted by: Netgear Threat Lab at 5:33 PM
Categories: Netgear Threat Lab

No TrackBacks

TrackBack URL: http://prosecure.netgear.com/cgi-bin/mt/mt-tb.cgi/67

Comments