BBC

"A recently found flaw in the internet's addressing system is worse than first feared, says the man who found it. Dan Kaminsky made his comments when speaking publicly for the first time about his discovery at the Black Hat conference in Las Vegas. He said fixes for the flaw in the net's Domain Name System (DNS) had focused on web browsers but it could be abused by hackers in many other ways.

"Every network is at risk," he said. "That's what this flaw has shown." The DNS acts as the internet's address books and helps computers translate the website names people prefer (such as bbc.co.uk) into the numbers computers use (212.58.224.131).

Mr Kaminsky discovered a way for malicious hackers to hijack DNS and re-direct people to fake pages even if they typed in the correct address for a website. In his talk Mr Kaminsky detailed 15 other ways for the flaw to be exploited.

Via the flaw hi-tech criminals or pranksters could target FTP services, mail servers, spam filters, Telnet and the Secure Socket Layer (SSL) that helps to make web-based transactions more secure. "There are a ton of different paths that lead to doom," he said.

But the DNS threat was played down by net giant VeriSign which issues many of the security certificates used in SSL. It told BBC News its system was "not vulnerable".

LINK