Print - DNS and Security Gurus Shed Light on Recent CERT Advisory and Other Threats to DNS Infrastructure

Source: Infoblox Inc.
July 14, 2008 09:00 ET

DNS and Security Gurus Shed Light on Recent CERT Advisory and Other Threats to DNS Infrastructure

Webinar Featuring DNS Expert Cricket Liu and Security Researcher Dan Kaminsky to Discuss New Threats, Old Vulnerabilities, and Mitigation Techniques

SANTA CLARA, CA--(Marketwire - July 14, 2008) - Infoblox Inc. today announced that it will host a webinar to explain the potential impacts of the new DNS security flaw recently publicized by the Computer Emergency Readiness Team (CERT), a joint government-private sector security partnership. Attendees will learn how to mitigate the impacts of the exploitation of this vulnerability [CERT VU#800113 (CVE-2008-1447)], as well as similar, related vulnerabilities.

The webinar will feature the security researcher who discovered the DNS flaw, Dan Kaminsky, director of penetration, testing services, IOActive, and Cricket Liu, author of O'Reilly's "DNS and BIND" and vice president of Architecture at Infoblox.

In addition to live Q&A, Kaminsky and Liu will provide during the webinar an update on the recent CERT advisory, means to mitigate the new vulnerability, a review of other known DNS vulnerabilities, and best practices for maintaining secure DNS systems.

Webinar Details

Title: "DNS Security: Old Vulnerabilities, New Exploits"

When: July 17, 2008, 8:00 a.m. San Francisco, 11:00 a.m. New York, 5:00 p.m. Paris

Speakers:

-- Dan Kaminsky, Director of Penetration testing services, IOActive

-- Cricket Liu, VP of Architecture, Infoblox

Registration: https://admin.na3.acrobat.com/_a46961130/webinardnsexpert/event/registration.html

ABOUT THE DNS VULNERABILITY

The security flaw [CERT VU#800113 (CVE-2008-1447)] makes virtually all DNS servers vulnerable to cache poisoning attacks, whereby an attacker can populate DNS server caches with incorrect information. As a result, a client request to a legitimate website can be directed to a malicious website using this attack. Once a non-suspecting user connects to the malicious website, they may divulge personal information (e.g., bank account numbers and passwords).

For more information about the vulnerability, visit: http://www.infoblox.com/solutions/DNS-Security-Flaw.cfm.

About Infoblox

Infoblox appliances deliver utility-grade core network services, including domain name resolution (DNS), IP address assignment and management (DHCP and IPAM), authentication (RADIUS) and related services. Infoblox solutions, which provide the essential "glue" between networks and applications, are used by over 2,300 organizations worldwide, including over 100 of the Fortune 500. The company is headquartered in Santa Clara, Calif., and operates in more than 30 countries. For more information, call +1.408.625.4200, email info@infoblox.com, or visit www.infoblox.com.

Contact Information: Media Contacts: Jennifer Jasper Infoblox 408.625.4309