It is one of the most popular technology news sites in UK and worldwide, The Register. The first news I read was “The Register Hacked”, posted by a fellow user Chris Woollard but. Later, it came to light that it was not the site but the DNS (Domain Name Server) which got hacked. Along with it, the sites Coca Cola, UPS, Telegraph Newspaper had been cracked and displayed a black page stating “TurkguvenLigi” and Sept4, “happy World Hackers day-Have funJ hack you”
Here’s the broad outline of what happened. DNS is the master address list database system for the Web. With it, instead of writing out an Internet Protocol (IP) address like “http://22.214.171.124/,” one of Google’s many addresses, we type in “http://www.google.com” and we’re on our way to the site. But, if someone cracks a DNS server, they can assign the human readable Uniform Resource Locator (URL) address to whatever IPv4 address they want.
The sites themselves were fine. Indeed, in attacks like this, they’re usually not touched at all. All what has happened is when the Web browser looks up a site’s IP address it’s going to get the wrong information.
It appears, according to Zone-H, a site that monitors Web site attacks, that at least 186 Websites were attacked. In addition to the ones already mentioned, other companies that were affected included Adobe, Dell, Microsoft, and Harvard University and, oh the irony, security companies Bit Defender, F-Secure, and Secunia.
The fact that even security companies were hit by this attack underlines, you can’t secure the Internet. You need to make sure your Internet partners–ISPs and DNS providers–also have their security act together before you can assume that your customers and clients will be able to safely reach your site.
The best way which I feel to avoid such DNS routing is by using a firewall analyzer which gives a time to time update on what passes through the network and also handy event log to know what are the changes that passed through the network