Experts say domain name resolution failures or attacks from foreign hackers
Source: Internet
Author: User
KeywordsFault server hacker domain name resolution domain name service
Website domain name resolution error led to large-scale disconnection; global 13 root domain Name Server 10 in the United States, China has no control yesterday afternoon, the national DNS domain name resolution system has a wide range of access failures, the country's most of the site to varying degrees in different regions, different network environment of access failure. The fault is network technology failure, or hacker attack? What are the risks that netizens face when they visit these websites? Because the target website has hacker attack behavior network security experts said that the site is not accessible because of the site domain name resolution error. A technician analysis that the site domain name resolution errors exist several possibilities. First, the hacker attacks the foreign root server causes the domestic server domain name resolution to be polluted. Second, because of the network nodes in the data transmission process, the node may become the target of attack. However, if the attack node, the attack is more special, "The attacker has neither a map name, nor profit, but pointed to a no specific content of the IP address." Third, hackers in the attack on a single website, because more nodes, resulting in node pollution and thus affect the whole network. In addition, there are hackers to attack domestic operators and network firewalls, or domestic network operators due to some kind of fault operation caused the failure. Dongfang, a website defender, explained that the failure was due to problems with one or two of the highest-ranking root domain names servers in 13 global DNS, "most likely human factors, not excluding hacker attacks". It is reported that the failure of a large number of sites to be resolved to the IP is the United States North Carolina State Town dynamic Internet Marvell Company. According to the record, this IP has had the hacker attack behavior. Why is the Internet not affected? Access to the Internet, to go through a URL to the IP conversion process, the process is through access to the Internet Domain name resolution system (DNS) implemented, that is, the domain name server to complete. The root domain server is the highest-level domain name server in DNS, with only 13 root servers worldwide. Of these 13 root servers, the primary root server and 9 auxiliary root servers are located in the United States, the remaining 3 units, 2 in Europe and 1 in Japan. Currently, the Internet name and digital address distribution Agency (ICANN) is fully managing DNS. Senior IT media person Yang told Beijing News reporter, in the root domain name server, ICANN plays a role in coordinating management, each organization manages the root domain name server separately, unified coordination and carries on the business operation. ICANN itself is the ultimate arbiter of Internet domain names. Although most of the domestic network access failure, but most of the site's mobile phone clients in this fault has not been affected, including micro-bo, Alipay and other mainstream applications can still be used normally. In this respect, network security Engineer Zhao explained that there are 13 root servers worldwide, assuming that two are "contaminated", and 11 are clean. Because of the different network access mechanism, mobile Internet may access different root servers, so when accessing some Web pages, on the PC can not log on, on the phone but the normal log on. Early warning experts recommend the establishment of DNS monitoring system as soon as possible DNS services are attacked hijacked, normal access is resolved to the wrong server address, the most direct impact on netizens is a large area of broken nets, the risk is phishing website fraud. The hacker may resolve the normal website domain name to the wrong address, if the hacker in this target address constructs a phishing website, the Netizen enters the account password information in the phishing website to be stolen. Large-scale DNS hijacking, the results are often broken nets, because the number of large site visits is too large, phishing server may not be able to carry large traffic visits, the moment will be paralyzed, netizens see the result is the Web page can not open. 2013, a large number of home wireless router security vulnerabilities were found, access to a specific attack Web page, the router's DNS configuration will be immediately tampered with. Since then, the injured netizens use Taobao shopping, will be forced to browse to a Taobao customer promotion station, attackers can therefore gain a lot of benefits. Some regional operators use DNS to force pop-up ads on users ' computers when they surf the internet. A website Guardian Responsible person Dongfang explained that, "This DNS fault, causes the domestic Two-thirds website DNS server resolution to fail, the national up to tens of millions of Netizen cannot visit the website normally." Fortunately, the domain name hijacked IP is an inaccessible address, if it is a phishing website or illegal profit site, may cause loss of user property, personal information leakage and other hazards. "If our country does not establish a perfect DNS monitoring and disaster preparedness system, the future is likely to be affected by such failures," Dongfang told the Beijing News reporter, "because the root domain name servers in the United States as well as Japan and Europe, our country has little control over the root domain, if the root domain name problems, Will affect all of our country domain name resolution and website visit, therefore, need to establish a complete set of DNS monitoring and disaster preparedness system. At the same time, it is best to establish a root domain directory server in China as soon as possible.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.