Network Security: Detailed info on Re: Drive-by Pharming Threat

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Vuln-Dev

[Top] [All Lists]

Re: Drive-by Pharming Threat

from [Marcello Barnaba] Network Security

[Permanent Link]

Subject:	Re: Drive-by Pharming Threat
Date:	Sat, 17 Feb 2007 22:43:57 +0100

Hi,

On Saturday 17 February 2007 07:06, Memisyazici, Aras wrote:

A very simple solution (for home users at least, although could be
implemented to commercial/enterprise as well) to this dilemma would be to
block access/pop-up warning message for all traffic from the Internal LAN
IPs to Internal LAN based webpages (port 80,81,8080 and 443)...


And how do you unlock yourself free, afterwards?

i.e. MOST modems serve their mgmt page via http://198.168.100.1 Block all

access to that IP, end of story :)

Communications Accessibles Montreal Inc. certainly disagrees.
-- 
pub 1024D/8D2787EF  723C 7CA3 3C19 2ACE  6E20 9CC1 9956 EB3C 8D27 87EF

pgpTs2uHzlZbr.pgp
Description: PGP signature

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Drive-by Pharming Threat, Zulfikar Ramzan Re: Drive-by Pharming Threat, Mark Senior Re: Drive-by Pharming Threat, Dennis RE:Drive-by Pharming Threat, psirt RE: Drive-by Pharming Threat, Memisyazici, Aras Re: Drive-by Pharming Threat, Marcello Barnaba <= Re: Drive-by Pharming Threat, Cedric Blancher

Previous by Date:	[Full-disclosure] [ GLSA 200702-07 ] Sun JDK/JRE: Execution of arbitrary code, Raphael Marichez
Next by Date:	[Full-disclosure] [ GLSA 200702-08 ] AMD64 x86 emulation Sun's J2SE Development Kit: Multiple vulnerabilities, Raphael Marichez
Previous by Thread:	RE: Drive-by Pharming Threat, Memisyazici, Aras
Next by Thread:	Re: Drive-by Pharming Threat, Cedric Blancher
Indexes:	[Date] [Thread] [Top] [All Lists]