Why bad news for all Internet; Last week, system and network administrators learned about the NTP vulnerability. The fact would not worry many, but the next news will probably result in many canceling their vacations and returning to the server room. The Internet Systems Consortium (ISC) is out modes for maintenance because as the company says “we believe we may have been infected with malware.”
ISC, the base of the BIND DNS program, has been infected with malicious software. System administrators understand why news is bad and they are already connected with ssh in their system. For the rest, we will try to explain
ISC is the group behind the Berkeley Internet Name Domain (BIND), a program open source. BIND is arguably the most popular DNS software on the planet. It is certainly the most widely used DNS program for Unix and Linux systems, which make up most of the underlying infrastructure of the Internet.
DNS is the guide list of Internet addresses. Translates every human readable Internet address in the world, such as the url https://iguru.gr, into IPv4 and IPv6 numeric addresses. These numeric addresses are then used by routers to transfer data to and from the computer, smartphone, tablet, web pages, e-mail, etc.
In other words, it is very important. Without DNS, there is no functioning Internet.
So if the BIND code is corrupted and your DNS BIND server has been updated with the malicious code, your site will have a security hole and will most likely be used for Distributed Denial of Service (DDoS).
Add another point, all over ISC is doing it F DNS root server. One of the 13 root-based Internet-based servers for global DNS services.
But things may not be as bad as they sound.
Cyphort security company, he told the ISC that their site had malware since December 22 on the main ISC site, which was using an out-of-date version of WordPress. According to Cyphort the page had been modified to lead its visitors to sites infected with the Angler Exploit Kit. Ευτυχώς, για το Διαδίκτυο, αλλά όχι και για τους χρήστες των Windows, το Angler Exploit Kit είναι ένα ειδικό κακόβουλο λογισμικό πακέτο για Windows.
At present, they do not exist reports about changes to BIND or to BIND-user mailing lists. On the static page that welcomes you to the ISC website today, ISC recommends that anyone who has visited the site recently should “scan for malware any machine that has had access on this website.”
So it now appears that the ISC problem is limited to Windows PC malware and has not been attacked on BIND or on the ISC DNS website. Do you want to risk it? We would not.
Start a proactive scan on your malware websites now and look at your DNS logs for suspicious activity.