infoTECH Feature

July 09, 2008

Check Point VPN-1, Connectra Protect Users Against DNS Attacks

Check Point VPN-1 and Connectra are protecting servers from the latest Domain Name System (DNS) attacks.
 
The latest DNS cache poisoning threat, CVE-2008-1447, can be mitigated by Check Point SmartDefense DNS request scrambling technology, which has been available to Check Point customers since March 2005.
 
Check Point explained in an announcement that DNS cache poisoning is the first step in an attack sequence using a legitimate Web site to infect a user’s computer with malicious code, or to steal a user’s private information. Using this type of attack, hackers trick a domain name server into associating a correct domain name with the IP address of a malicious site; instead of visiting the intended Web site, users are sent to a malicious site.
 
CVE-2008-1447 exploits DNS requests that do not randomize source ports. Therefore, the severity of the attack can be reduced by randomizing the source port and request ID. Check Point VPN-1 and Connectra shield the servers from attack with the help of SmartDefense technology.
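The check below is an added example, not Check Point code and not part of the original article: it looks at the source ports and request IDs a resolver used on consecutive outbound queries and flags values that stay fixed or step predictably. The function names, the 0.8 threshold and the sample data are assumptions made for illustration.

```python
import math
from collections import Counter

def delta_entropy_ratio(values, modulus=65536):
    """Entropy of successive differences, normalised to 0..1.

    A fixed value or a steady increment gives 0.0 (the next value is
    predictable); values with no repeating step give a ratio near 1.0.
    """
    deltas = [(b - a) % modulus for a, b in zip(values, values[1:])]
    if len(deltas) < 2:
        return 0.0
    n = len(deltas)
    bits = sum(c / n * math.log2(n / c) for c in Counter(deltas).values())
    return bits / math.log2(n)

def assess_resolver(queries, threshold=0.8):
    """queries: (source_port, request_id) pairs in the order they were sent."""
    port_ok = delta_entropy_ratio([p for p, _ in queries]) >= threshold
    txid_ok = delta_entropy_ratio([t for _, t in queries]) >= threshold
    # Assumption: a randomising resolver draws uniformly from the 16-bit ID
    # space and from the unprivileged ports 1024-65535 (64512 values).
    space = (65536 if txid_ok else 1) * (64512 if port_ok else 1)
    return {"port_randomized": port_ok, "txid_randomized": txid_ok,
            "values_to_guess": space}

# Constructed sample data, not captured traffic.
TXIDS = [0x1A2B, 0xC3D4, 0x0F9E, 0x7712, 0xE045, 0x39AB,
         0x92C1, 0x5D0F, 0xB6E3, 0x2487, 0xFA10, 0x68CD]
RANDOM_PORTS = [51234, 10877, 40211, 2093, 61002, 33810,
                17455, 58321, 7644, 45990, 29118, 12067]
SAMPLES = {
    "fixed_port": list(zip([32768] * 12, TXIDS)),
    "sequential_port": list(zip(range(1024, 1036), TXIDS)),
    "randomized": list(zip(RANDOM_PORTS, TXIDS)),
}

if __name__ == "__main__":
    for name, queries in SAMPLES.items():
        print(name, assess_resolver(queries))
```

Measuring the step between consecutive values, rather than counting distinct values, is what lets the check flag a resolver that merely increments its source port.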
 
SmartDefense is kept up to date through SmartDefense Services, the latest security feature for Check Point security infrastructure. Using this technology, SmartDefense provides intrusion prevention capabilities that are integrated into Check Point gateways. SmartDefense Services offers regular updates and configuration advisories for defenses and security policies.
 
“Every time someone uses the Internet, they use a domain name server to map their Web requests to the appropriate Web sites,” said Oded Gonda, vice president of network security products at Check Point, in a Tuesday statement. “DNS cache poisoning threats, such as the one published today, strike at the very heart of the Internet in an effort to direct users to malicious sites. Check Point’s VPN-1 and Connectra products thwart hackers’ attempts to take advantage of this latest DNS cache poisoning technique by randomizing both the source port and request ID without a need to immediately patch multiple workstations in the organization.”
 
Check Point Software Technologies offers Internet security solutions combining a unified gateway, single endpoint agent and single management architecture. The Check Point NGX platform and Check Point Endpoint Security products provide a unified security architecture to protect business communications and resources.
 
Rajani Baburajan is a contributing editor for TMCnet.
 
