The Drunken stepFORUM - A place to discuss your worthless opinions

The Drunken stepFORUM - A place to discuss your worthless opinions (forum.drunkenstepfather.com/index.php)
-   I am - Getting Drunk & Molesting You (forum.drunkenstepfather.com/forumdisplay.php?f=15)
-   -   Attention Internet Users (forum.drunkenstepfather.com/showthread.php?t=8075)

binary_jester 07-25-2008 03:15 PM
Attention Internet Users
 
Interesting information mentioned on the radio...

http://www.informationweek.com/blog/...isoning_v.html

So most of you are wondering why should I care? Here's why...

If I were to poison a DNS server, I would set up another computer as a man in the middle server. So you type in www.wellsfargo.com. The dns, since it is now compromised, directs your connection to anywhere I have it set up, which would be that man in the middle server. I could set it up 2 ways. First, I would create a web page that looks exactly like wells fargo. I could set it up so after you type in your user name and password, you get a screen saying the site is down for maintenance. It's not, but I just got your user name and password.
Or, I could set up a sniffer that captures all the information you're sending, then forwards your packets to the real wells fargo site.
Either way, you really don't know what just happened.
I thought I would just throw this out. I am heading to Dark Knight, so I am going to read up more on it later.
Happy surfing.

DSF Guest 8 07-25-2008 03:58 PM
Don't get too awful worried I have known about this for at least a week. This flaw is NOT something an average user can fix. It has to be fixed by the system admins who run the DNS servers. Those same people had 2 weeks to apply the patch. US-Cert was notified on the 12th? and verified flaw and released a patch to fix the problem. If the IT monkeys have done their jobs there is nothing to worry about.

With that being said... you/me/anyone would never know if a DNS server was poisoned.

Trips 07-25-2008 04:02 PM
This is because of that there y2k isn't it?

n2tattoos.lol 07-25-2008 06:12 PM
Pen, does that mean no one can erase my porn?

strommsarnac 07-25-2008 07:41 PM
Um, this "flaw" has been around since the inception of DNS.

It's just until some high and mighty needing an ego boost idiot schmuck posted it for every wannabe "hacker", no one out of the DNS engineer guys knew about it.

DSF Guest 8 07-25-2008 08:00 PM
Code:
Content, Pictures  and Download links visible to registered users only.

REGISTER NOW to access all areas that are invisible to non-members.

Your porn is safe :)

Code:
Content, Pictures  and Download links visible to registered users only.

REGISTER NOW to access all areas that are invisible to non-members.
True. Noone found it is all.

Striker 07-25-2008 08:01 PM
I'm not worried about it. As Pen already pointed out, a patch was made weeks ago and should have been applied, thus fixing the problem for all the main DNS servers.... then again, ICANN had their shit fucked with not too long ago.


Every time some story about an exploit comes out, they always act like hackers are going to cause shit loads of mayhem... and it never happens.

binary_jester 07-26-2008 12:38 AM
Code:
Content, Pictures  and Download links visible to registered users only.

REGISTER NOW to access all areas that are invisible to non-members.
Because the smart thing to do is be as unobtrusive as possible.

How long was the patch for IIS servers out and how many admins found out the hard way they weren't up to date?

Not trying to scare anyone here, but information is never a bad thing.

binary_jester 07-26-2008 12:39 AM
Code:
Content, Pictures  and Download links visible to registered users only.

REGISTER NOW to access all areas that are invisible to non-members.
Caller on the radio said to buy a mac. lol


All times are GMT -5. The time now is 02:09 AM.

Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
WE CANNOT POLICE EVERYTHING POSTED - IF YOU SEE YOUR COPYRIGHT MATERIAL - SEND US AN EMAIL AND WE WILL MAKE SURE TO REMOVE IT!Ad Management plugin by RedTyger