Why bad news for all Internet; Last week, system and network administrators learned about the NTP vulnerability. The fact would not worry many but the next news will probably result in many canceling their vacations and returning to his room server. The Internet Systems Consortium (ISC) is down for maintenance because, as the company says, "we believe we may have been infected with malware."
ISC, the base of the BIND DNS program, has been infected with malicious software. System administrators understand why news is bad and they are already connected with ssh in their system. For the rest, we will try to explain
ISC is the team behind the Berkeley Internet Name Domain (BIND), an open source program. BIND is undoubtedly the most popular DNS software on the planet. It is certainly the most widespread DNS program for Unix and Linux systems, which make up most of the core Internet infrastructure.
DNS is the guide list of Internet addresses. Translates every human readable Internet address in the world, such as the url https://iguru.gr, into IPv4 and IPv6 numeric addresses. These numeric addresses are then used by routers to transfer data to and from the computer, smartphone, tablet, web pages, e-mail, etc.
In other words, it is very important. Without DNS, there is no functioning Internet.
So if the BIND code is corrupted and your DNS BIND server has been updated with the malicious code, your site will have a security hole and will most likely be used for Distributed Denial of Service (DDoS).
Add another point, all over ISC is doing it F DNS root server. One of the 13 root-based Internet-based servers for global DNS services.
But things may not be as bad as they sound.
Cyphort security company, he told the ISC that their site had malware from December 22 on the main site of ISC, which used an unpublished version of WordPress. According to Cyphort the page was modified to drive visitors to areas infected with it Angler Exploit Kit. Fortunately, for the Internet, but not for them users of Windows, the Angler Exploit Kit is a special malware package for Windows.
At present, they do not exist reports about changes to BIND or to BIND-user mailing lists. On the static page that welcomes you to the ISC website today, the ISC recommends that anyone who has visited the recently should “scan for malware every machine that accessed this website.”
So it now appears that the ISC problem is limited to Windows PC malware and has not been attacked on BIND or on the ISC DNS website. Do you want to risk it? We would not.
Start a malware scan on your websites now and check them out archives logging your DNS for suspicious activity.
