Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: DNS cache poisoning and pharming

from [Salvador.Manaois] Network Security [Permanent Link]
Subject: RE: DNS cache poisoning and pharming
Date: Tue, 31 May 2005 22:15:02 +0800 
Imho this is a serious threat that every sysadmin and ISO should be
concerned with. Classic MITM attacks (with ARP spoofing) could be used
to trick users to connect to a rogue DNS server which contains records
of well-known sites which are actually spoofed on the attacker's web
server. To the user, it would seem that he is connecting to the
www.paypal.com (for example) when he is in fact connected to a spoofed
page on the attacker's web server. 

Phishing requires some user interaction (clicking on some links, for
example) but pharming is an entirely different story. The user might
just type www.somepaysite.com in the address bar and would be shown a
relatively harmless page.

...badz...
http://www.rancidroot.blogspot.com

-----Original Message-----
From: David [mailto:david@clicksee.net] 
Sent: Tuesday, May 31, 2005 5:55 PM
To: security-basics@securityfocus.com
Subject: DNS cache poisoning and pharming


http://hostsearch.com/news/logiguard_news_3177.asp
 
This article makes a claim that DNS poisoning and pharming are really
dangerous in that anyone can be redirected from trying to go to their
online bank to a fake bank site where there login is collected. Is this
really such a threat or is it just Logiguard advertising themselves?
 
Thanks,
 
Dave
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Snort sniffer logs, Ron
Previous by Thread:  RE: DNS cache poisoning and pharming, Miguel Dilaj
Next by Thread:  Cluster Domain Controller Replication, sf_mail_sbm
Indexes:  [Date] [Thread] [Top] [All Lists]