UC Davis helps deflect Internet address security problem

UC Davis computer administrators are working to protect the campus from a vulnerability affecting the Domain Name System (DNS), a key piece of the Internet's support structure.

The DNS translates the names of Web sites (such as ucdavis.edu) to numerical IP addresses, and vice versa. The "DNS resolver vulnerability CVE-2008-1447" potentially affects most campus servers, including ones that use Windows, Macintosh, Linux or Solaris operating systems. An attacker can use the flaw to redirect Web traffic, email, and other network data to systems the attacker controls. (Find a less technical description in this BBC report.)

Several solutions are available, and administrators across the IT industry are cooperating to fix the problem. UC San Diego, for example, has been running daily scans from its network against the UC Davis computer network to detect vulnerable systems. When the scan finds one, system administrators are contacted and the system is updated. Information and Educational Technology also scans the UC Davis computer network internally to look for the vulnerability.