Taking Control
Aside from becoming a data sieve, DNS is subject to more subtle attacks via tampering and cache poisoning. By changing the actual lookup data in the DNS cache, an attacker can replace a server's real IP address with one that will lead a user to the attacker's own machine. Until the cache eventually refreshes, users will be misdirected with potentially no clue as to what actually happened. Hackers can use this attack to direct traffic away from a website and potentially capture private information from users. This is the tactic known as "pharming".
"It's a hard attack to detect," says Lindner, "because if you're running a big website and all of a sudden no one is coming to your website, you know something's wrong. But if a half dozen name servers have cache poisoning, it's too small [a diversion] and you won't notice it."
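Because a handful of poisoned caches will not show up as a drop in traffic, one way to look for them is to query resolvers directly and compare their answers with the records the zone owner publishes. The sketch below is an added example, not code from the article; the probe log format, the resolver and answer addresses (documentation ranges) and the `EXPECTED` baseline are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample: one line per probe, "resolver qname answer_ip ttl".
# All addresses are documentation ranges; none come from the article.
SAMPLE_PROBES = """\
198.51.100.1 www.example.com 192.0.2.10 300
198.51.100.2 www.example.com 192.0.2.10 287
198.51.100.3 www.example.com 192.0.2.11 300
198.51.100.4 www.example.com 203.0.113.66 86400
198.51.100.5 www.example.com 192.0.2.10 120
198.51.100.6 www.example.com 203.0.113.66 86211
198.51.100.7 www.example.com 192.0.2.11 45
198.51.100.8 www.example.com 192.0.2.10 300
"""

# Assumed baseline: the addresses the zone owner actually publishes.
EXPECTED = {"www.example.com": {"192.0.2.10", "192.0.2.11"}}


def parse_probes(text):
    """Yield (resolver, qname, ip, ttl) tuples, skipping blank or malformed lines."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue
        resolver, qname, ip, ttl = parts
        yield resolver, qname.rstrip(".").lower(), ip, int(ttl)


def find_divergent(probes, expected):
    """Return {qname: {"bad": {resolver: [(ip, ttl)]}, "checked": n}} for mismatches."""
    seen = defaultdict(set)                        # qname -> resolvers probed
    bad = defaultdict(lambda: defaultdict(list))   # qname -> resolver -> answers
    for resolver, qname, ip, ttl in probes:
        if qname not in expected:
            continue                               # no baseline to compare against
        seen[qname].add(resolver)
        if ip not in expected[qname]:
            # The remaining TTL shows how long the cache will keep serving this answer.
            bad[qname][resolver].append((ip, ttl))
    return {q: {"bad": dict(r), "checked": len(seen[q])} for q, r in bad.items()}


if __name__ == "__main__":
    for qname, info in find_divergent(parse_probes(SAMPLE_PROBES), EXPECTED).items():
        print(f"{qname}: {len(info['bad'])} of {info['checked']} resolvers diverge")
        for resolver, answers in sorted(info["bad"].items()):
            print(f"  {resolver} -> {answers}")
```

A name served through a CDN or geographic load balancing legitimately returns different addresses from different resolvers, so the baseline has to list every address the owner publishes before a mismatch means anything.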
There has been talk for years of making DNS bulletproof by adding a public-key cryptography layer through an approach called DNSsec. "DNSsec tries to solve the spoofing problem that SSL has already solved, and the extra round-trip for DNS queries to get the public-key record only adds latency [to data traffic]," says Nate Lawson, a senior researcher at Cryptography Research. Public-key cryptography also requires companies to authenticate themselves to a certificate authority and pay for the use of a certificate, reducing the chance that many will buy in to the system. Finally, according to Kaminsky, a fundamental problem is getting all the root domains to sign up. "Everyone above you in the DNS tree must be signed," he says. "Everyone has to get on board or it doesn't work."
Despite these concerns, DNS isn't the biggest security worry a company can have. ("E-mail's in way more dire straits," Kaminsky says.) Yet it can still cause significant problems, and chances are good that any company has potential problems with at least some of its DNS name servers.

Erik Sherman is a freelance writer based in Massachusetts.