| Author |
Message |
    
Rastro
Citizen
Username: Rastro
Post Number: 758
Registered: 5-2004
| | Posted on Tuesday, March 15, 2005 - 4:41 pm: |     |
http://reviews.cnet.com/4520-3513_7-5670780-1.html?tag=nl.e497
Rather than spamming you with e-mail requests, pharmers work quietly in the background, "poisoning" your local DNS server by redirecting your Web request somewhere else. As far as your browser's concerned, you're connected to the right site. The danger here is that you no longer have to click an e-mail link to hand over your personal information to identity thieves. |
Brett
Citizen
Username: Bmalibashksa
Post Number: 1541
Registered: 7-2003
| | Posted on Tuesday, March 15, 2005 - 5:43 pm: | |
Here's a check to see if you macine is spoofing.
http://secunia.com/multiple_browsers_idn_spoofing_test/ |
Dave
Citizen
Username: Dave
Post Number: 5604
Registered: 4-1998
| | Posted on Tuesday, March 15, 2005 - 5:56 pm: | |
For those on Mac using Firefox, this threat has been fixed:
http://www.mozilla.org/products/firefox/ |
Rastro
Citizen
Username: Rastro
Post Number: 760
Registered: 5-2004
| | Posted on Tuesday, March 15, 2005 - 11:22 pm: | |
Actually, this is not a local (to your machine) issue. They're talking about hacking the DNS, not a locally cached equivalent of the hosts file.If citibank.com is redirected at the DNS level, there's nothing you can do locally to "fix" it. |
argon_smythe
Citizen
Username: Argon_smythe
Post Number: 548
Registered: 5-2001
| | Posted on Thursday, March 17, 2005 - 8:15 am: | |
You could use an ip address.
|
Rastro
Citizen
Username: Rastro
Post Number: 761
Registered: 5-2004
| | Posted on Thursday, March 17, 2005 - 10:01 am: | |
true...
Without going to a DNS server, what is citibank's online banking system's IP address?
 |
Dave
Citizen
Username: Dave
Post Number: 5619
Registered: 4-1998
| | Posted on Thursday, March 17, 2005 - 10:18 am: | |
I downloaded the update to Firefox and it's fixed. |
Brett
Citizen
Username: Bmalibashksa
Post Number: 1549
Registered: 7-2003
| | Posted on Thursday, March 17, 2005 - 10:21 am: | |
How did that fix it Dave? Did you download a DNS server? |
Rastro
Citizen
Username: Rastro
Post Number: 764
Registered: 5-2004
| | Posted on Thursday, March 17, 2005 - 10:24 am: | |
I guess I wasn't clear about what I was concerned about in my original post. This is the part that's scary...
quote:But DNS poisoning is a whole different kettle of fish (so to speak), and much more subtle than what I just described. When a cracker poisons a DNS server, he or she changes the specific record for a domain, sending you to a Web site very different from the one you intended to access--without your knowledge. Usually, the cracker does this by posing as an official who has the authority to change the destination of a domain name. DNS poisoning is also possible via software vulnerability, however. A white paper by Joe Stewart from the security company Lurhq and published on SecurityFocus offers more about DNS poisoning, including its history.
|
Dave
Citizen
Username: Dave
Post Number: 5621
Registered: 4-1998
| | Posted on Thursday, March 17, 2005 - 12:40 pm: | |
I downloaded the Firefox update 1.0.1. It prevents the issue you brought up in the spoofing test link.
|
Closed: New threads not accepted on this page