Tuesday, July 29, 2008
Has Your Cellular Provider Patched Their DNS Servers?
Posted by Ed Hansberry in "Pocket PC News" @ 11:00 AM
I am sure most of you by now are at least aware of the DNS Poisoning vulnerability that affects all DNS servers around the world, and where many vendors, including Microsoft, Cisco and Redhat, released patches to their products on the same day in July before exploit code could be written. If you aren't aware of it, Wikipedia has a pretty good overview.
As of right now, over half of the worlds DNS servers have not been patched, even though their vendor has likely released an update, unless they run Mac OS-X Server.
One of the main reasons someone would use this exploit is to make you think you are on a secure and familiar site, like your banks website. If you typed www.mybank.com in your browser, your DNS server could actually be tricked into redirecting you to some server in Russia that looked exactly like your banks site, and your browser would still show www.mybank.com in the URL at the top. Because many of us access this information on our devices, we should be able to trust the DNS server our phone is using, which is usually provided by our cellular provider. I finally found a test that works on Windows Mobile devices. Head over to DNSStuff.com and run the "DNS Vulnerability Check" in the lower left. In order to get the button to be visible and work, you may have to put Pocket IE into "desktop" mode. I am pleased to say that T-Mobile USA got all Good and Great marks on each of the tests, at least on their DNS servers in Washington state.
If your provider fails the tests, you should contact them. You can also override the DNS entries in your internet connection settings to use the free DNS servers at OpenDNS.org.