According to a recent report by PCWorld, research teams working out of Google and the Georgia Institute of Technology have discovered a series of open-recursive DNS servers that were classified as behaving “suspiciously.” Open-recursive DNS servers are DNS servers that will answer any lookup request, no matter where it originates. So long as the DNS servers return accurate information—and the vast, vast, majority do—everything is kosher. When open DNS servers don’t return valid information, however, they open the door to an entire world of problems.
This method of poisoning would also allow for cross-site scripting exploits. If a user’s computer is set to allow all JavaScript and cookies from, say, MySpace, the fake MySpace web site would be able to run code as if it was the real web site. This opens the door to all sorts of further exploits and general bad things, all of which might go undetected by the user for quite some time. This type of attack could also be used to build an effective botnet—and more botnets are something we really don’t need.
[Via Arstechnica]
I am really concerned with this little development. Go read the full article and let me know what you think.