From: Ansgar -59cobalt- Wiechers on
gomezpedro01 <gomezpedro01(a)gmail.com> wrote:
> Sophisticated phishing malicious malware software now uses DNS to
> direct users to fraudulent sites
>
> http://www.itvendorsdirectory.ca/Online-Resources/sophisticated-phishing-malicious-malware-software-now-uses-dns-to-direct-users-to-fraudulent-sites.html

*sigh*

When a phisher (or any other attacker) can tamper with your DNS settings
(or hosts file or whatever) you have far more serious problems than a
phishing attempt.

On every reasonably configured system this is a non-issue, because
normal users simply cannot tamper with these settings.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich
From: Victek on
>> Sophisticated phishing malicious malware software now uses DNS to
>> direct users to fraudulent sites
>>
>> http://www.itvendorsdirectory.ca/Online-Resources/sophisticated-phishing-malicious-malware-software-now-uses-dns-to-direct-users-to-fraudulent-sites.html
>
> *sigh*
>
> When a phisher (or any other attacker) can tamper with your DNS settings
> (or hosts file or whatever) you have far more serious problems than a
> phishing attempt.
>
> On every reasonably configured system this is a non-issue, because
> normal users simply cannot tamper with these settings.
>
> cu
> 59cobalt

One version of this scenario is a hacker gets into the home router settings
because the user hasn't changed the default password and changes the DNS
server settings there. I don't know how vulnerable routers are to this
possibility, but it motivated me to set a seriously hardened
password on the configuration.

From: Ansgar -59cobalt- Wiechers on
Victek <victek(a)invalid.invalid> wrote:
>> When a phisher (or any other attacker) can tamper with your DNS
>> settings (or hosts file or whatever) you have far more serious
>> problems than a phishing attempt.
>>
>> On every reasonably configured system this is a non-issue, because
            ^^^^^^^^^^^^^^^^^^^^^
>> normal users simply cannot tamper with these settings.
>
> One version of this scenario is a hacker gets into the home router
> settings because the user hasn't changed the default password and
> changes the DNS server settings there.

I underlined the operative words for your convenience. "Default
password" does not match the criteria.

> I don't know how vulnerable routers are to this possibility,

They are.

> but it motivated me to set a seriously hardened password on
> the configuration.

Good idea. You should also disable UPnP.

cu
59cobalt
--
"If a software developer ever believes a rootkit is a necessary part of
their architecture they should go back and re-architect their solution."
--Mark Russinovich