New defense for DNS cache poisoning threat

NitroSecurity has developed a unique IPS solution that virtually eliminates the threat of DNS cache poisoning. Through research with the Rochester Institute of Technology (RIT), NitroSecurity demonstrated that its IPS, combined with the DNS server patch, provides protection against the exploit that is nearly 100 percent effective.

The DNS exploit presents a challenge in regard to protection. Simply blocking the vulnerability via a standard IPS detection signature would prevent access to the DNS altogether. Therefore, it is crucial to have a broad solution that not only blocks the exploit, but does not compromise the functionality of the DNS. Working with RIT, NitroSecurity has validated a solution to actively detect and block the DNS exploit while still allowing the DNS to function properly.

Recently, the DNS exploit gained widespread industry attention when Dan Kaminsky presented on the topic at this year’s Black Hat Conference in Las Vegas. If successfully executed, the exploit represents a massive security threat.

Although a patch has been released, DNS servers can still be easily compromised over a short period of time. NitroSecurity’s research with leading experts puts the risk at 10 percent within a week’s time and 37 percent within a month.