Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security NTBugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[NGSEC] AntiPharming v1.00 FREE

from [NGSEC] Network Security [Permanent Link]
Subject: [NGSEC] AntiPharming v1.00 FREE
Date: Tue, 14 Jun 2005 13:17:16 +0200 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

NGSEC is proud to announce the new release of our new product
AntiPharming v1.00 [1] TOTALLY FREE for non-commercial use.

What is Pharming?

"(...)Pharming is the exploitation of a vulnerability in the DNS
server software that allows a hacker to acquire the Domain Name
for a site, and to redirect traffic to that web site to another
web site. DNS servers are the machines responsible for resolving
internet names into their real addresses - the "signposts" of the
internet.

If the web site receiving the traffic is a fake web site, such
as a copy of a bank's website, it can be used to "phish" or steal
a computer user's passwords, PIN number or account number.

AntiPharming Configuration For example, in January, 2005, the Domain
Name for a large New York ISP, Panix, was hijacked to a site in
Australia. In 2004 a German teenager hijacked the eBay.de Domain Name.
Secure e-mail provider Hushmail was also caught by this attack on
24th of April 2005 when the attacker rang up the domain registrar
and gained enough information to redirect users to a defaced
webpage(...)" (Source WikiPedia).

What is AntiPharming?

AntiPharming uses active and passive protections for identifying and
stopping Pharming (Phising variant) attacks.

AntiPharming will actively protect your windows server from pharming
attacks by:

    * Denying any user (even Administrator) to write to the hosts file.
    * Denying any user (even Administrator) to change your DNS settings.

AntiPharming will passively protect your windows server from pharming
attacks by sniffing on each netowrk interface for DNS replies (both
TCP and UDP) and recheck them against at least with three secure DNS
nameservers.

AntiPharming is TOTALLY FREE for non-commercial use.

This e-mail has been signed with labs@NGSEC PGP key available at:

  http://www.ngsec.com/pgp/labs.asc

[1]  http://www.ngsec.com/ngproducts/antipharming/

Best Regards,

- ---
NEXT GENERATION SECURITY, S.L. [NGSEC]
C\ O'donnell 46, 3: B
28009 - Madrid, SPAIN
Tel: +34 91 435 56 27
Fax: +34 91 577 84 45

http://www.ngsec.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCrrwBKrwoKcQl8Y4RAsO5AJwIJ1Ngm38IT0JCujagcAz4oWgUUwCgl0Lv
vWvO9R/kd5Skb/vzeER7kls=
=XCYN
-----END PGP SIGNATURE-----

--
NTBugtraq Editor's Note:

Most viruses these days use spoofed email addresses. As such, using an 
Anti-Virus product which automatically notifies the perceived sender of a 
message it believes is infected may well cause more harm than good. Someone who 
did not actually send you a virus may receive the notification and scramble 
their support staff to find an infection which never existed in the first 
place. Suggest such notifications be disabled by whomever is responsible for 
your AV, or at least that the idea is considered.
--
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [NGSEC] AntiPharming v1.00 FREE, NGSEC <=
Previous by Date:  Microsoft Windows - Filesystem bug allows various things, Benjamin Tobias Franz
Next by Date:  MS accounces an Update Rollup 1 for Windows 2000 SP4, Abdelhakim Aliane
Previous by Thread:  Microsoft Windows - Filesystem bug allows various things, Benjamin Tobias Franz
Next by Thread:  MS accounces an Update Rollup 1 for Windows 2000 SP4, Abdelhakim Aliane
Indexes:  [Date] [Thread] [Top] [All Lists]