DNS服务是将域名转化为IP地址,并将IP地址解析为域名的关键服务,是互联网畅通的基本道路。不过因为很多原因,现在DNS缓存攻击越来越多,主要针对Windows系统的漏洞进行。
在“DNS缓存中毒”攻击中,黑客将存储在DNS服务器上的流行网站的IP地址更换为恶意网站的IP地址。这种攻击能够将人们引导到来意网站,要求用户透露机密信息或安装恶意软件。专家表示,这种技术还可以用来改变电子邮件的邮寄地址。
根据US-CERT的报告,目前受影响的站点很多,近期的名单主要在下面,请用户访问时注意系统安全。
| 3com, Inc. | Unknown | 21-Apr-2008 |
| Akamai Technologies, Inc. | Unknown | 21-Apr-2008 |
| Alcatel | Unknown | 21-Apr-2008 |
| Apple Computer, Inc. | Unknown | 5-May-2008 |
| AT&T | Unknown | 21-Apr-2008 |
| Avaya, Inc. | Unknown | 21-Apr-2008 |
| Avici Systems, Inc. | Unknown | 21-Apr-2008 |
| BlueCat Networks, Inc. | Unknown | 5-May-2008 |
| Check Point Software Technologies | Unknown | 5-May-2008 |
| Cisco Systems, Inc. | Vulnerable | 8-Jul-2008 |
| Conectiva Inc. | Unknown | 5-May-2008 |
| Cray Inc. | Unknown | 5-May-2008 |
| D-Link Systems, Inc. | Unknown | 2-May-2008 |
| Data Connection, Ltd. | Unknown | 21-Apr-2008 |
| Debian GNU/Linux | Unknown | 5-May-2008 |
| DragonFly BSD Project | Unknown | 3-Jul-2008 |
| EMC Corporation | Unknown | 21-Apr-2008 |
| Engarde Secure Linux | Unknown | 5-May-2008 |
| Ericsson | Unknown | 21-Apr-2008 |
| Extreme Networks | Unknown | 21-Apr-2008 |
| F5 Networks, Inc. | Unknown | 21-Apr-2008 |
| Fedora Project | Unknown | 5-May-2008 |
| Force10 Networks, Inc. | Unknown | 21-Apr-2008 |
| Foundry Networks, Inc. | Not Vulnerable | 8-May-2008 |
| FreeBSD, Inc. | Unknown | 5-May-2008 |
| Fujitsu | Unknown | 21-Apr-2008 |
| Gentoo Linux | Unknown | 6-Jun-2008 |
| Gnu ADNS | Unknown | 5-May-2008 |
| GNU glibc | Unknown | 5-May-2008 |
| Hewlett-Packard Company | Unknown | 21-Apr-2008 |
| Hitachi | Unknown | 21-Apr-2008 |
| Honeywell | Unknown | 21-Apr-2008 |
| IBM Corporation | Unknown | 21-Apr-2008 |
| IBM Corporation (zseries) | Unknown | 5-May-2008 |
| IBM eServer | Unknown | 21-Apr-2008 |
| Infoblox | Unknown | 5-May-2008 |
| Ingrian Networks, Inc. | Unknown | 5-May-2008 |
| Intel Corporation | Unknown | 21-Apr-2008 |
| Internet Software Consortium | Vulnerable | 8-Jul-2008 |
| Juniper Networks, Inc. | Vulnerable | 8-Jul-2008 |
| Linux Kernel Archives | Unknown | 3-Jun-2008 |
| Lucent Technologies | Unknown | 21-Apr-2008 |
| Luminous Networks | Unknown | 21-Apr-2008 |
| Mandriva, Inc. | Unknown | 5-May-2008 |
| Men & Mice | Unknown | 5-May-2008 |
| Metasolv Software, Inc. | Unknown | 5-May-2008 |
| Microsoft Corporation | Vulnerable | 8-Jul-2008 |
| MontaVista Software, Inc. | Unknown | 5-May-2008 |
| Motorola, Inc. | Unknown | 21-Apr-2008 |
| Multinet (owned Process Software Corporation) | Unknown | 21-Apr-2008 |
| Multitech, Inc. | Unknown | 21-Apr-2008 |
| NEC Corporation | Unknown | 21-Apr-2008 |
| NetApp | Unknown | 3-Jul-2008 |
| NetBSD | Unknown | 5-May-2008 |
| Netgear, Inc. | Unknown | 21-Apr-2008 |
| Network Appliance, Inc. | Unknown | 21-Apr-2008 |
| Nixu | Unknown | 3-Jul-2008 |
| NLnet Labs | Unknown | 16-May-2008 |
| Nokia | Unknown | 21-Apr-2008 |
| Nominum | Vulnerable | 4-Jul-2008 |
| Nortel Networks, Inc. | Unknown | 21-Apr-2008 |
| Novell, Inc. | Unknown | 5-May-2008 |
| OpenBSD | Unknown | 5-May-2008 |
| Openwall GNU/*/Linux | Unknown | 5-May-2008 |
| PowerDNS | Not Vulnerable | 9-Jun-2008 |
| QNX, Software Systems, Inc. | Unknown | 5-May-2008 |
| Red Hat, Inc. | Vulnerable | 3-Jul-2008 |
| Redback Networks, Inc. | Unknown | 21-Apr-2008 |
| Shadowsupport | Unknown | 5-May-2008 |
| Siemens | Unknown | 8-Jul-2008 |
| Silicon Graphics, Inc. | Unknown | 5-May-2008 |
| Slackware Linux Inc. | Unknown | 5-May-2008 |
| Sony Corporation | Unknown | 21-Apr-2008 |
| Sun Microsystems, Inc. | Vulnerable | 8-Jul-2008 |
| SUSE Linux | Unknown | 5-May-2008 |
| The SCO Group | Unknown | 5-May-2008 |
| Trustix Secure Linux | Unknown | 5-May-2008 |
| Turbolinux | Unknown | 5-May-2008 |
| Ubuntu | Unknown | 5-May-2008 |
| Wind River Systems, Inc. | Unknown | 21-Apr-2008 |
| ZyXEL | Unknown | 21-Apr-2008 |
