Clan x86
Technical (Development, Security, etc.) => General Security Information => Topic started by: iago on March 14, 2005, 02:50:43 pm
-
http://www.wired.com/news/infostructure/0,1377,66853,00.html?tw=rss.PRV
Some pretty good information on a newer practice of social engineering called "pharming".
It also discusses something called "DNS Cache Poisoning", which is something I want to do to "bnls.valhallalegends.com" to steal cdkeys and passwords ;)
-
We've had this conversation before, and it doesn't seem like anything really new. There's a plugin for Firefox that tells you exactly what page you are on. This is helpful if you're on some obscure URL, it tells you the basic yoursite.com location, to prevent such things. Very useful against host editing and redirection attacks.
-
I'm unsure if that can get around host editing or dns spoofing, actually. I'll have to have a look.
The only real way to avoid the problem is to only "trust" authorized https sites (with complete CA certificates issued by a certifier you trust).
-
Yes. Trust "iago" over "x86labs.org" I say! ;)
-
"I believe that DNS-poisoning pharmers will become more of a threat this year, as there is money to be made on a large scale here," said Patrick Hinojosa, chief technical officer at Panda Software, a security technology provider.
"If the right domain can be hijacked or the right DNS record poisoned, a group could make off with data that could be used to accomplish huge financial rip-offs. The problem is that the end user sitting at his computer thinks he's at the correct site because he typed the right URL into the browser," Hinojosa said.
Whos in? :P
-
I'd be interested in doing something on that large of a scale, Arcon. :p