Media Alert: Check Point Already Protects Against Latest DNS Attacks
SmartDefense integrated intrusion prevention in VPN-1 and Connectra secure enterprise networks from newest attack
Redwood City, CA —
Check Point® Software Technologies Ltd. (Nasdaq: CHKP), the worldwide leader in securing the Internet, today announced Check Point VPN-1® and Connectra shield servers from the latest Domain Name Server (DNS) cache poisoning threat, CVE-2008-1447, disclosed today. Check Point customers gain immediate protection against the threat by enabling DNS scrambling.
DNS cache poisoning is the first step in an attack sequence that spoofs a legitimate website to infect a user’s computer with malicious code or steal a user’s private credentials. Through the attack, hackers trick a domain name server (large servers that convert domain names into numeric IP addresses) into associating a correct domain name with the IP address of a malicious site; so, instead of visiting the intended website, users are sent to a malicious site.
The latest DNS cache poisoning technique exploits DNS requests that do not randomize source ports. Attacks can be mitigated by randomizing the source port and request ID. Check Point VPN-1 and Connectra defend customers from the attack with SmartDefense® DNS request scrambling, which has been available to customers since March 2005.
“Every time someone uses the Internet, they use a domain name server to map their Web requests to the appropriate Websites,” said Oded Gonda, vice president of network security products at Check Point. “DNS cache poisoning threats, such as the one published today, strike at the very heart of the Internet in an effort to direct users to malicious sites. Check Point’s VPN-1 and Connectra products thwart hackers’ attempts to take advantage of this latest DNS cache poisoning technique by randomizing both the source port and request ID without a need to immediately patch multiple workstations in the organization.”
Check Point SmartDefense provides intrusion prevention capabilities that are integrated into Check Point gateways. SmartDefense is updated by SmartDefense Services®, which maintain the most current preemptive security for the Check Point security infrastructure. To help defenses stay continuously ahead of today's constantly evolving threat landscape, SmartDefense Services provide ongoing and real-time updates and configuration advisories for defenses and security policies.
More information about the vulnerabilities and SmartDefense protections can be found at: www.checkpoint.com/defense/advisories/public/2008/cpai-01-Jul.html.
About Check Point Software Technologies Ltd.
Check Point Software Technologies Ltd. (www.checkpoint.com) is the leader in securing the Internet. Check Point offers total security solutions featuring a unified gateway, single endpoint agent and single management architecture, customized to fit customers’ dynamic business needs. This combination is unique and is a result of our leadership and innovation in the enterprise firewall, personal firewall/endpoint, data security and VPN markets.
Check Point’s pure focus is on information security. Through its NGX platform, Check Point delivers a unified security architecture to protect business communications and resources, including corporate networks and applications, remote employees, branch offices and partner extranets. The company also offers market-leading endpoint and data security solutions with Check Point Endpoint Security products, protecting and encrypting sensitive corporate information stored on PCs and other mobile computing devices. Check Point's award-winning ZoneAlarm solutions protect millions of consumer PCs from hackers, spyware and identity theft. Check Point solutions are sold, integrated and serviced by a network of Check Point partners around the world and its customers include 100 percent of Fortune 100 companies and tens of thousands of businesses and organizations of all sizes.