Network Security: Detailed info on Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hos

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hos

from [Jamie Riden] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
Date:	Sun, 16 Apr 2006 14:32:29 +1200

On 14/04/06, Brandon S. Allbery KF8NH <allbery@ece.cmu.edu> wrote:


On Apr 13, 2006, at 1:29 , Dave Korn wrote:

  Hey, guess what I just found out:  Microsoft have deliberately
sabotaged
their DNS client's hosts table lookup functionality.


I thought this was part of avoiding malware attempts to block Windows
Update.


In that case, they should allow us to add symantec et al - it's not
much use having Windows Update working while the machine is happily
rootkitted. Grepping hosts files across campus for 127.0.0.1 ...
liveupdate.symantec.com  - or your local equivalent - can prove
interesting.

If it was a feature, I'd expect there to be ways to add to the list of
pass-through domains, or ways to disable it.

cheers,
 Jamie
--
Jamie Riden / jamesr@europe.com / jamie.riden@computer.org
"Microsoft: Bringing the world to your desktop - and your desktop to
 the world." -- Peter Gutmann

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Dave Korn Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Brandon S. Allbery KF8NH Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Stan Bubrouski [Full-disclosure] Re: Microsoft DNS resolver: deliberately sabotagedhosts-file lookup, Dave Korn Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, J.A. Terranson Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Jamie Riden <= Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, A . L . M . Buxey Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, dumdidumdideldey Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Joachim Schipper RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Mario Contestabile [Full-disclosure] RE: Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Nick FitzGerald Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, Duncan Simpson

Previous by Date:	[Full-disclosure] [Argeniss] Oracle Database 10gR1 Buffer overflow in VERIFY_LOG procedure, Cesar
Next by Date:	[eVuln] MD News Authentication Bypass and SQL Injection Vulnerabilities, alex
Previous by Thread:	Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, J.A. Terranson
Next by Thread:	Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup, A . L . M . Buxey
Indexes:	[Date] [Thread] [Top] [All Lists]