Check Point VPN-1 and Connectra are protecting servers from the latest Domain Name Server (DNS) attacks.
The latest DNS cache poisoning threat, CVE-2008-1447, can be mitigated by Check Point SmartDefense DNS request scrambling technology available to Check Point customers since March 2005.
Check Point explained in an announcement that DNS cache poisoning is the first step in an attack sequence using a legitimate Web site to infect a user’s computer with malicious code, or to steal a user’s private information. Using this type of attack, hackers trick a domain name server into associating a correct domain name with the IP address of a malicious site; instead of visiting the intended Web site, users are sent to a malicious site.
CVE-2008-1447 exploits DNS requests that do not randomize source ports. Therefore, the severity of the attack can be reduced by randomizing the source port and request ID. Check Point VPN-1 and Connectra succeed in shielding the servers from attack with the help of SmartDefense technology.
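The check below is an added example, not Check Point's code or part of the original article: it inspects the source port and request ID of a resolver's outbound DNS queries and flags the non-randomized pattern described above. The function names and the sample observations are constructed for illustration.

```python
import math
from collections import Counter

def sample_entropy_bits(values):
    """Shannon entropy (bits) of the observed values; 0.0 means no variation.
    With n samples the result is capped at log2(n), so it is a lower-bound hint."""
    counts = Counter(values)
    total = len(values)
    return sum(c / total * math.log2(total / c) for c in counts.values())

def is_incrementing(values):
    """True when every value is the previous one plus 1 (mod 2**16)."""
    return len(values) > 1 and all(
        (b - a) % 65536 == 1 for a, b in zip(values, values[1:]))

def assess(observations):
    """observations: (source_port, request_id) pairs taken from one resolver's
    outbound queries, in capture order."""
    ports = [p for p, _ in observations]
    ids = [i for _, i in observations]
    findings = []
    if len(set(ports)) == 1:
        findings.append("fixed source port")
    elif is_incrementing(ports):
        findings.append("incrementing source port")
    if len(set(ids)) == 1:
        findings.append("fixed request ID")
    elif is_incrementing(ids):
        findings.append("incrementing request ID")
    return {
        "port_entropy_bits": round(sample_entropy_bits(ports), 2),
        "id_entropy_bits": round(sample_entropy_bits(ids), 2),
        "findings": findings,
        "verdict": "WEAK" if findings else "OK",
    }

# Constructed samples: same request IDs, with and without source port randomization.
FIXED_PORT = [(32768, 0x1A2B), (32768, 0x9F01), (32768, 0x44C7), (32768, 0xE310),
              (32768, 0x0B5D), (32768, 0x7766), (32768, 0xC0DE), (32768, 0x5A5A)]
RANDOMIZED = [(51234, 0x1A2B), (20411, 0x9F01), (61002, 0x44C7), (10877, 0xE310),
              (43990, 0x0B5D), (29615, 0x7766), (57321, 0xC0DE), (15008, 0x5A5A)]

if __name__ == "__main__":
    for name, sample in (("fixed port", FIXED_PORT), ("randomized", RANDOMIZED)):
        print(name, assess(sample))
```
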
SmartDefense is updated using the latest security feature, SmartDefense Services, for Check Point security infrastructure. Using this technology, SmartDefense provides intrusion prevention capabilities that are integrated into Check Point gateways. SmartDefense Services offers regular updates and configuration advisories for defenses and security policies.
“Every time someone uses the Internet, they use a domain name server to map their Web requests to the appropriate Web sites,” said Oded Gonda, vice president of network security products at Check Point, in a Tuesday statement. “DNS cache poisoning threats, such as the one published today, strike at the very heart of the Internet in an effort to direct users to malicious sites. Check Point’s VPN-1 and Connectra products thwart hackers’ attempts to take advantage of this latest DNS cache poisoning technique by randomizing both the source port and request ID without a need to immediately patch multiple workstations in the organization.”
Check Point Software Technologies offers Internet security solutions combining a unified gateway, single endpoint agent and single management architecture. The Check Point NGX platform and Check Point Endpoint Security products provide a unified security architecture to protect business communications and resources.
Rajani Baburajan is a contributing editor for TMCnet. To read more of Rajani’s articles, please visit her columnist page.