Check Point IPS Protects Against BIND Vulnerability

Monday, August 10, 2009: Check Point Software Technologies has announced that Check Point IPS products protect customers against a newly discovered Berkeley Internet Name Domain (BIND) vulnerability. The exploit affects both commonly used UNIX- and Windows-based DNS servers and allows a remote attacker to create a denial-of-service condition.

The Berkeley Internet Name Domain (BIND) is a popular Domain Name System (DNS) implementation from Internet Systems Consortium (ISC). By sending a specially crafted dynamic update packet to a BIND 9 server, a hacker can cause a denial of service by crashing BIND. The exploit is not limited to servers configured to allow dynamic updates.

The vulnerability also affects all servers that are masters of one or more zones and slave servers that are configured to forward updates to their masters. Check Point integrated IPS solutions protect against the threat by detecting and blocking maliciously crafted DNS packets, claims the company.

"BIND is an important building block of the Internet DNS system. Exploits using vulnerabilities in BIND can lead to down-time, phishing and other attacks," said Oded Gonda, vice president, network security products, Check Point. "Check Point IPS technologies are a critical security layer to traditional firewalls that will help an enterprise stay ahead of threats and vulnerabilities until servers or clients are patched."