The survey results indicate that there has been a mass proliferation in the percentage of external name servers that allow open access to intruders. These external servers depict a major risk to the Internet because they can be used as vehicles of malice to implement distributed denial of service (DDoS) attacks.
Cricket Liu, vice president of architecture at Infoblox and author of O'Reilly & Associates' DNS and BIND, DNS & BIND Cookbook, elaborated.
"Of particular interest is the enormous growth in the number of Internet-connected name servers, largely attributable to the introduction by carriers of customer premises equipment (CPE) with embedded DNS functionality,” Liu said. “This equipment represents a significant risk to the rest of the Internet, as without proper access controls, it facilitates enormous DDoS attacks."
DNS Servers are network infrastructure that define domain names to IP addresses and route Internet queries to the correct location. Domain name resolution is essential to complete any Internet request. If an enterprise’s DNS system is subjected to attack, the results could be catastrophic causing loss of its web presence, inability of employees to access external web services and redirection of web and mail traffic to malicious sites. The last will result in data loss, identity theft, ecommerce fraud and much more.
The fifth annual DNS survey covered five percent of the IPV4 addresses -- or nearly 80 million web addresses. It assigned positive, negative and neutral ratings to various results achieved.