[FoRK] Poisoned DNS on the increase
Lucas Gonze
<lucas.gonze at gmail.com> on
Mon Feb 18 10:43:25 PST 2008
On Feb 18, 2008 12:47 AM, Udhay Shankar N <udhay at pobox.com> wrote:
> * (having a poisoned DNS server + trojans to change settings on victim
> machines) could get you, for example, access to a victim's banking
> transactions.
This is something on the order of a keylogger. The attacker gets root
but doesn't let the victim know, preferring to spy on or control the
victim's future movements. Still, the damage is done when the
attacker gets root. The DNS poisoning is just a small detail.
> * if you're running an open wireless AP with poisoned DNS servers, you
> don't even need control of the victim's box.
Good point.
So how do you defend yourself against DNS poisoning when you're using
an untrusted DNS? Is there some way to set your own authenticated DNS
server?
More information about the FoRK
mailing list