Why is one of of the most popular websites behaving strangely?
HOME
PAGE
MEMBER RESOURCES
ABOUT US
FORUMS
PARTNERS
PRODUCTS & SERVICES
FREE RESOURCES
LOGIN
HERE
JOIN
NOW!
You are not logged in. Access is limited. Login or see membership information. • Streetwise Security Zone Community

The Streetwise Security Zone Discussion Forums are a great way to see what other managers are doing about security and what problems they have faced. You can find a lot of helpful hints and tips that could save you time and money.

You must join The Streetwise Security Zone (click HERE) in order to reply or post new items in the forums.
Author Message

ScottWright
Group Administrator

Subject: Why is one of of the most popular websites behaving strangely?
HELP!
posted by ScottWright on Monday, August 4th 2008 @ 12:04 AM

Author's Self-Rating: VVV-TT-BBB - It's always important to take note of anomalies, and in this case, it's extremely important, in order to avoid a potentially dangerous risk to your organization from something people have called the "Baileywick" vulnerability. It may exist in your Internet Service Provider's systems, and can allow hackers to easily divert your websurfing sessions (even for trusted sites) to spoofed websites.

There's a good chance that somebody in your organization may experience some strangeness on the Internet over the next few weeks and months. It could be a serious problem, resulting in your employees being exposed to "Phishing" attacks, luring them to spoofed sites to collect login passwords or other sensitive information. The reason it's happening is that there has been a major vulnerability discovered in software used by many Internet Service Providers (ISPs).

The details of the vulnerability are quite technical, but the result is clearly an increase in business and privacy risk.

Fortunately, there is a simple way to detect if your Internet Service Provider is putting you at risk by not updating their systems with the recently published fixes for this vulnerability.

All you need to do is visit the following link, which will automatically run a simple test and report instantly on how well your ISP is protecting you from the Baileywick vulnerabilty:

http://entropy.dns-oarc.net/test

If the test reports that you have good "randomness", then you are protected from this vulnerability.

However, if the randomness is low, then you must contact your ISP to let them know that it is urgent for them to address the "Baileywick" DNS vulnerability.

IMPORTANT

If you are having problems with commonly used websites on the internet - possibly experienced with sites such as Google or Paypal but they don't let you do much except log in - then your network may already be a victim to some phishing attacks based on this vulnerability. In this case, you should also notify your ISP of this detail, because they will have to immediately "flush" their corrupted systems to prevent further attacks.

You should be aware that, if you are experiencing problems with commonly trusted websites, it may not be the fault of the site itself. If it is occurring as a result of the Baileywick vulnerability, the problem is in your ISP. Your neighbor, who uses a different ISP may not have this problem.

MODERATOR'S NOTE: While the Streetwise Security Zone aims to keep our articles and posts as non-technical and simple as possible, somtimes - as in this case - it is necessary to provide some technical details to ensure the issue is treated thoroughly.

If you have any follow-up questions about this article, please post a reply comment.

________________________________
Scott Wright
The Streetwise Security Coach

Would your organization be interested in obtaining the right to use my lessons or articles in your enterprise security awareness program? Please email me at the address below...

Email: scott@streetwise-security-zone.com
Twitter: http://www.twitter.com/streetsec
Phone: 613-693-0997
Podcast: http://www.streetwise-security-zone.com/podcast.html