Bad news for the Internet: ISC hacked


Why bad news for all Internet; Last week, system and network administrators learned about NTP vulnerabilities. The fact would not worry many but the next news will probably result in many canceling their vacations and returning to the server room. The Internet Systems Consortium (ISC) has been shut down for maintenance because, as the company puts it, "we believe we may have been infected with malware."servers internet

ISC, the base of the BIND DNS program, has been infected with malicious software. System administrators understand why news is bad and they are already connected with ssh in their system. For the rest, we will try to explain

ISC is the team behind the Berkeley Internet Name Domain (BIND), an open source program. BIND is undoubtedly the most popular DNS software on the planet. It is certainly the most widespread DNS program for Unix and Linux systems, which make up most of the core Internet infrastructure.

DNS is the guide list of Internet addresses. Translates every human readable Internet address in the world, such as the url https://iguru.gr, into IPv4 and IPv6 numeric addresses. These numeric addresses are then used by routers to transfer data to and from the computer, smartphone, tablet, web pages, e-mail, etc.

In other words, it is very important. Without DNS, there is no functioning Internet.

So if the BIND code is corrupted and your DNS BIND server has been updated with the malicious code, your site will have a security hole and will most likely be used for Distributed Denial of Service (DDoS).

Add another point, all over ISC is doing it F DNS root server. One of the 13 root-based Internet-based servers for global DNS services.

But things may not be as bad as they sound.

Cyphort security company, he told the ISC that their site had malware from December 22 on the main site of ISC, which used an unpublished version of WordPress. According to Cyphort the page was modified to drive visitors to areas infected with it Angler Exploit Kit. Fortunately, for the Internet, but not for Windows users, the Angler Exploit Kit is a special malicious software package for Windows.

At present, they do not exist reports about changes to BIND or to BIND-user mailing lists. On the static page that welcomes you today to the ISC website, ISC recommends that anyone who has recently visited the site should "scan for malware on any machine that has access to this website."

Registration in iGuRu.gr via Email

Enter your email to subscribe to the email notification service for new posts.

So it now appears that the ISC problem is limited to Windows PC malware and has not been attacked on BIND or on the ISC DNS website. Do you want to risk it? We would not.
Start a proactive scan on your malware websites now and look at your DNS logs for suspicious activity.


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news