Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Bad, bad Internet news: Internet Systems Consortium site hacked


  • Please log in to reply
3 replies to this topic

#1 JohnC_21

JohnC_21

  • Members
  • 23,207 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:44 AM

Posted 28 December 2014 - 09:50 AM

From ZDnet

 

The Internet Systems Consortium (ISC) has taken the site down for maintenance because they "believe we may be infected with malware."

 

ISC is the group behind the open-source Berkeley Internet Name Domain (BIND) program. BIND is arguably the most popular DNS software on the planet. It is certainly the most used DNS program on the Unix and Linux systems that make up most of the Internet's fundamental infrastructure.

 

If the BIND code itself has been corrupted, and you've updated your DNS BIND server with the code, you could be in for a world of hurt. Your site might now have a security hole on it. It's also all too possible that it could be used for a Distributed Denial of Service (DDoS) attack.

 

 

 

 



BC AdBot (Login to Remove)

 


#2 rp88

rp88

  • Members
  • 2,980 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:44 AM

Posted 28 December 2014 - 03:05 PM

Does this affect normal internet users, or only those hosting their own sites?
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#3 JohnC_21

JohnC_21
  • Topic Starter

  • Members
  • 23,207 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:44 AM

Posted 28 December 2014 - 03:38 PM

I am pretty sure it's for people hosting their own sites and I think the author of the article made it sound scarier than it actually is.

 

From the Register

 

We're told the source code to ISC's crucial software packages are stored on a separate server, and cryptographically signed to prove they haven't been tampered with. Its BIND DNS server and DHCP tools are widely used on the internet, and included in most Linux and Unix-flavored operating systems.

"It was just the website – and it doesn't even look like we were targeted specifically," said Dan Mahoney of the ISC Security Officer team to The Register via email on Friday. "It looks like this was just one of those exploits that happens to CMSes of this nature."

You can forgive people for being slightly jumpy about an ISC.org compromise: its software glues the internet together, and the organization runs the world's F root servers [PDF] which are at the heart of the 'net's global address book of domain names.

People visiting the .org are likely to be involved in engineering software and hardware behind the scenes of the web; compromising them with malware could give attackers access to valuable systems and possibly the tools to subvert them.

 



#4 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:44 AM

Posted 28 December 2014 - 04:46 PM

No, it's not for people with their own sites. It's for people who run their own DNS server (BIND) on Linux. You can perfectly run your own site without running your own DNS server.

 

And the ISC said they have no reason to believe the BIND software was compromised.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users