What Is KernelCare SAD DNS And Why Should You Care?

Share on facebook
Share on linkedin
Share on twitter
Share on whatsapp
Share on email
The security of the websites that you host with us is our top priority. So we use every security measure at our disposal to provide you with the best protection. There are more cybercriminals out there now then there ever was before. They delight in causing havoc and taking websites down.
What Is KernelCare SAD DNS And Why Should You Care?

Some of these cybercriminals are in it for the money. They believe that if they can hold a large website to ransom then they can extort money from the owners to make it operational again. And this happens a lot. The concept of ransomware is proof of this. So we will explain KernelCare and SAD DNS for you and why they are important.

What is KernelCare?

The aim of KernelCare is the improvement of the security and stability of systems. By achieving this, a web host can increase the satisfaction of its customers. This is something that we live by.

A kernel is at the center of an operating system. Your Windows computer has a kernel and so do the Linux servers that we use to host your websites. The kernel is an essential part of any operating system. It is responsible for the processes of the machine as well as the management of memory and the storage disks.

The kernel connects the application software to the hardware that a computer has. It is critical that a kernel is up to date as there are many “patches” for it to improve security and to improve other functions.

Manually updating a kernel can take a very long time. It can also lead to downtime, which we do not want our customers to experience. Once you have applied a manual update to the kernel it is necessary to reboot a server.

A reboot means downtime so this has to be carefully managed. There can be problems with kernel updates and the server may not come back online right away. It can take several hours to fix these issues. If the host does not perform a server reboot after a kernel update then this can open the door for security breaches.

How does a responsible web host overcome these issues? They use KernelCare. What KernelCare does is patch or fix security issues for the kernel while it is running. This means there is no downtime and no reboots.

A server that has KernelCare installed receives security updates every four hours while the server is running (live). This avoids any downtime and it also alleviates the need to reboot the server. Our servers stay up and running with the most up to date security patched kernels, and you do not experience any downtime.

What is SAD DNS?

Side Channel AttackeD (SAD) DNS is a security vulnerability that was discovered by academics some time ago. There is another name for this which is “cache poisoning”. The DNS (domain name system) is an Internet fundamental. It ensures that when an Internet user types a domain name into a browser they end up with the right website.

To bring up the right domain and website, a browser will perform a query to a DNS server so that it can identify the correct IP address associated with the domain. Most enquiries to DNS servers are performed using a protocol called UDP which doesn’t require any authentication.

This lack of authentication means that anybody can perform DNS queries to obtain IP addresses associated with domains. Using a program that can make hundreds of thousands of guesses very quickly can override DNS security and cybercriminals can identify an IP and domain match using brute force.

A cybercriminal can then use this information to poison the DNS cache associated with a domain. This will be readily accepted as there is no authentication. Now the attacker can ensure that when users enter the domain name in their browser they end up redirecting to a different server, which contains a phishing website that looks like the real thing.

Soon there will be KernelCare patches available to prevent cache poisoning due to SAD DNS. There are already kernel patches from operating system manufacturers such as Linux. The problem is that these patches require manual application, which means that a reboot is always necessary.

This is not acceptable to us as any additional reboot reboot than the scheduled ones can affect the quality of service that we provide to our customers. So we are excited about the KernelCare patches that are coming soon to prevent SAD DNS. These will be applied to running servers and there will be no requirement for a reboot.

All of our servers use KernelCare

All of our premium hosting customers already benefit from KernelCare as we have it installed on all of our servers. We are committed to providing the most secure web hosting services ensuring that our customers benefit from maxim uptime.

We do not want our servers to be out of action because they require kernel patches. But we also want to ensure that our servers are as secure as it is possible for them to be. That is why KernelCare is the perfect solution for us and for you.

If you don’t have a premium hosting account with us then you are really missing out on fast and secure web hosting for your websites. We have a range of premium hosting plans to meet your needs.

To find out more and sign up for a premium hosting account please go here. Many of our competitors do not have the same commitment to security as we do and your websites could be at risk. Don’t take that chance – sign up for a premium hosting account with us today.


Share on facebook
Share on linkedin
Share on twitter
Share on whatsapp
Share on email

Table of Contents

Recent Posts

You May also be Interested

Avoid Your WordPress Sites Being Used For Phishing Or Spam

WordPress is the world’s most popular content management system (CMS) for a lot of very good reasons. You can setup a new WordPress site on a domain name very fast these days with the one click installation software that is available in cPanel with your premium web hosting service.

Using Your Domain Emails In The Gmail Interface

Do you have a Gmail account? How would you like to access email addresses for your domains via the Gmail interface? Gmail is very popular and there are millions of users. People like the Gmail interface and are happy to use it to access emails received to their Gmail email addresses.

How To Access A WordPress Installation With a Temporary Url

Many new customers ask us how they can test a WordPress installation that they have been hosting elsewhere and now they wish to move it to our Premium Hosting Services but how they can migrate, test the installation and have temporary wordpesss admin access in our system before point the domain definitely to our servers. They cannot figure out how to do this because WordPress installations are domain based.