Related Links

  • Secure64
  • Reed Exhibitions Ltd is not responsible for the content of external websites.

Top 5 Stories


Secure DNS server launched

17 December 2009

Secure64 Software has released a DNS cache server that is designed to protect against cache poisoning attacks.

Secure64, which specializes in products designed to support the domain name system (DNS), has released the product to help prevent a condition in which the server's local list of domain name mappings is corrupted. Attackers create this condition by pretending to be another DNS server responding to a DNS query.

One of the best defenses against DNS cache poisoning is speed. The more queries that a DNS server can process, the less chance there is of an attacker swamping the system with spoofed queries and having a strained DNS server accept one of them. Secure64 DNS Cache can cope with 125 000 queries per second, the company said.

The product also sports other cache poisoning countermeasures, including an operating system called SourceT running on HP Integrity servers. The DNS server uses a completely different implementation to the standard BIND mechanism. It features SNMP traps, and logs abnormal conditions. It also includes a moving statistics feature to provide rolling updates of attack conditions.

"Under attack, the system can provide details to help administrators set upstream router filters to protect bandwidth," Secure64 said.

Other products from Secure64 include a DNS signer for DNSSEC implementation, and an authoritative server called DNS Authority. The company advised customers not to use Secure64 DNS Cache as an authoritative server. Instead, it can be set to forward queries to an RFC-compliant authoritiative server. 

The Smart64 DNS Cache product is aimed at large volume DNS service providers. However, other companies have also been working to thwart DNS cache poisoning attacks. Google recently launched its own free DNS service for online lookups designed to prevent DNS-based attacks.

This article is featured in:
Internet and Network Security


Comment on this article

You must be registered and logged in to leave a comment about this article.

We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies. ×