Re: pharming.. dns cache insertion...
This is a discussion on Re: pharming.. dns cache insertion... within the Bind Users forums, part of the DNS and Related Forums category; In article <d34ii4$ovt$1@sf1.isc.org>, "bruce" <bedouglas@earthlink.net> wrote: > ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
04-08-2005
|
|||
|
|||
Re: pharming.. dns cache insertion...
In article <d34ii4$ovt$1@sf1.isc.org>,
"bruce" <bedouglas@earthlink.net> wrote: > hi... > > forgive me for what might be a basic/obvious question... > > i've started seeing articles that talk about pharming, and dns insertion, > for use by hackers. can someone explain to me (or point to > articles/information that can) how someone can modify a dns server, aside > from physically/remotely accessing the server to insert/update information? > > i must be missing something here.... Sometimes you can trick servers into caching incorrect delegation data that you include in your response to a normal query. Another way is if you can sniff or predict an outgoing request from a DNS server, you can forge a reply to it. If your reply arrives before the real reply, it will be used instead. -- Barry Margolin, barmar@alum.mit.edu Arlington, MA *** PLEASE post questions in newsgroups, not directly to me *** 
|
Linear Mode
