It is well known that nameservers in the Domain Name System are vulnerable to a wide range of attacks. We recently performed a large-scale survey to answer some basic questions about the legacy DNS: Which domain names are the most vulnerable? Which servers control the largest portion of the namespace and are thus likely to be attacked? Are there any servers with known security holes, and which domain names do they affect?
We present the results from this survey below in the hope of identifying problem spots in the Internet and thus improving the security of our common cyberinfrastructure. This study is based entirely on public data – all information available on these pages is also available to others with less-than-honorable intentions.
First, we examine the vulnerable assets in DNS. The vulnerability of a DNS name, say www.cnn.com, is tied to the number of servers whose compromise could potentially misdirect clients seeking to contact that server. These servers form the trusted computing base for that name during name resolution.
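As an added illustration (not code or data from the survey), the sketch below computes the trusted computing base of a name over a constructed delegation table. It goes slightly beyond the text by following dependencies transitively, and it assumes, as a simplification, that each nameserver is reached through the delegation chain of its own hostname (glue records and caching are ignored); all zone and server names are made up under reserved TLDs.

```python
from collections import deque

# Constructed sample data: zone -> hostnames of its authoritative nameservers.
ZONE_NS = {
    ".": ["a.root.test"],
    "example": ["a.tld.test"],
    "test": ["a.tld.test"],
    "invalid": ["a.nic.invalid"],
    "shop.example": ["ns1.shop.example", "ns.hoster.test"],
    "hoster.test": ["ns.hoster.test", "ns.backup.invalid"],
    "backup.invalid": ["ns.backup.invalid"],
}

def enclosing_zones(name, zone_ns):
    """Zones on the delegation chain of `name`, most specific first."""
    labels = name.rstrip(".").lower().split(".")
    suffixes = [".".join(labels[i:]) for i in range(len(labels))] + ["."]
    return [zone for zone in suffixes if zone in zone_ns]

def trusted_computing_base(name, zone_ns):
    """All servers that resolving `name` depends on, directly or
    through the names of other nameservers (assumed model, see above)."""
    tcb = set()
    seen = {name}
    queue = deque([name])
    while queue:
        current = queue.popleft()
        for zone in enclosing_zones(current, zone_ns):
            for server in zone_ns[zone]:
                tcb.add(server)
                # Resolving the server's own hostname adds further dependencies.
                if server not in seen:
                    seen.add(server)
                    queue.append(server)
    return tcb

def names_affected_by(server, names, zone_ns):
    """Names whose trusted computing base contains `server`."""
    return sorted(n for n in names
                  if server in trusted_computing_base(n, zone_ns))

if __name__ == "__main__":
    name = "www.shop.example"
    direct = ZONE_NS["shop.example"]
    tcb = trusted_computing_base(name, ZONE_NS)
    print(f"{name}: {len(direct)} direct servers, {len(tcb)} in the TCB")
    for server in sorted(tcb):
        print("  ", server)
```

The gap between the two direct servers and the full set is the point: an operator who audits only the servers listed for their own zone misses the ones those servers' names depend on.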