.ug cache poisoning or Man in the middle attacks? anyone have hard data??
---------- Forwarded message ---------- From: Anne-Rachel Inné <annerac...@gmail.com> Date: 2009/5/16 Subject: [AfrICANN-discuss] Google blames DNS insecurity for Web site defacements To: afric...@afrinic.net May 15, 2009 http://www.infoworld.com/t/authentication-and-authorization/google-blames-dns-insecurity-web-site-defacements-722 Google blames DNS insecurity for Web site defacements Traffic to Google sites in Uganda, Morocco and Kenya was disrupted this week By Rebecca Wanjiku | Computerworld Kenya Domain Name System (DNS) insecurity caused the defacing of Google Web sites in Uganda and Morocco, according to a Google spokesperson. Earlier this week, both Google Uganda and Google Morocco were redirecting traffic to different sites. [ Learn how to secure your systems with Roger Grimes' Security Adviser blog and Security Central newsletter, both from InfoWorld. ] "Google was not hacked, the problem occurred at the DNS level where someone redirected the Internet Protocol to other sites. We contacted the registry managers in Uganda and Morocco about the DNS attack," said Jay Nancarrow, Google Global Communications Public Affairs officer. "Yes, someone got hold of the DNS and interrupted service by redirecting [the] Google Web site and a few other Web sites," said Charles Musisi, managing director of Computer Frontiers, the operators of the .ug domain registry. Google services in Kenya were also temporarily disrupted, though Nancarrow said the cause of disruption is yet to be identified. The Google interruption has led to debate about whether Internet service providers and registry operators were monitoring the security threats posed by hackers and other malicious attackers. "Issues of DNS cache poisoning are common in East Africa. ISPs do not take security seriously, which makes it easier for malicious hackers," said Tyrus Kamau, a network security consultant. John Gichuki, a security expert who has helped set up security safeguards for companies in East Africa, says that the level of security depends on the security policies set by the information security department in an organization. "ISPs should have security assessments done; physical and operational security; they should be in a position to monitor traffic going through their routers and servers," said Gichuki. _______________________________________________ AfrICANN mailing list afric...@afrinic.net https://lists.afrinic.net/mailman/listinfo.cgi/africann -- Cheers, McTim http://stateoftheinternetin.ug _______________________________________________ LUG mailing list LUG@linux.or.ug http://kym.net/mailman/listinfo/lug %LUG is generously hosted by INFOCOM http://www.infocom.co.ug/ The above comments and data are owned by whoever posted them (including attachments if any). The List's Host is not responsible for them in any way. ---------------------------------------
