Attacks Rise On Network ‘Blind’ Spot – DNS

“The most high-profile attacks on Domain Name Service (DNS) servers are distributed denial-of-service (DDoS) attacks, but there are even more nefarious attacks on these systems underway today as cyber criminals and APT actors abuse commonly vulnerable DNS servers.

“DNS has been around forever. But there’s an overwhelming lack of expertise” in it, says Patrick Foxhoven, vice president and CTO of emerging technologies at Zscaler. “It’s been thought of as a dumb, foundational-level protocol. I believe it’s a blind area of many networks that’s often never looked at from a security point of view.” ”

Attacks Rise On Network ‘Blind’ Spot.

Its probably about time that we looked into the historical roots of network technology with an eye to the stuff we take for granted, like Internic, DNS, and even Domain name registration.

But I’m only one network guy with a limited point of view, right?

Thanks to Information Week – Dark Reading

Death of the PC

 

Yesterday my friend brought his three year-old desktop PC to me to fix the Malware that had taken it over.  The reason this is significant is that he is a VERY typical home PC user with simple tastes and unsophisticated computing needs.  Here’s the scenario:

The PC is an off-the shelf Compaq PC with Windows Vista and Internet Explorer

He connects it to the Internet via Cox Cable at home.

He uses Yahoo Instant Messenger and Skype occasionally.

Cox provides a system protection solution from McAfee.

When I checked the machine I found one of the many well-documented malware exploits that had prevented him from using the computer without paying a demanded ransom.

After using a boot sector workaround, I was able to install a malware removal product that cleaned the machine of the offending exploits.  The log file revealed that the exploits had injected themselves into executable files in his user directory.  They had names like Acrobat.exe and Skype.exe .  After cleaning, purchasing, and activating a well-known malware product, I attempted to automate a live scan for him.  It wouldn’t, because of the existence of the McAfee virus protection that Cox had given him.  He would have to use it manually until he could work something out with his ISP – who had led him to believe that he was already protected.

And now the punchline.  What’s a person to do?

The PC world has become so complicated that an average user must spend an inordinate amount of time and money just trying to use an appliance for simple things like looking up the ball scores.  Updates every day.  Protections against stupid intrusions.  Vulnerable Internet connectivity.

Consider:
You don’t have to do this for your coffee maker, microwave, TV, or even cellphone.  The builders and providers of these devices make certain that you have a simple, working appliance.

If the participants in the ecosystem of the PC, the hardware makers, operating system makers, Internet Service Providers, and – regulators like the FCC and other agencies – don’t make changes soon, the PC will vanish.

Yes vanish.  It has become far to complicated and expensive to last.  And I’m sick and tired of it.