?

Log in

No account? Create an account
Wakum Mata!
Politcally Incorrect Musings
DNS is broken 
28th-Jul-2008 11:50 am
linux
DNS, or Domain Name Service, is the protocol that turns all those numbers in your IP address to something that is human readable.

... It is broken and there are exploits out there that can redirect you to "bad places".


---

PC World/Business Center/Blogs/Glenn Fleishman on Hardware

Monday, July 28, 2008 10:53 AM PDT
Obey Browser Certificate Warnings Due to DNS Flaw

A few days ago, I wrote about a fundamental flaw in the Domain Name Service (DNS) protocol that handles the lookup from human-readable names into machine-processed Internet Protocol (IP) addresses, advising all readers to determine their vulnerability and take action.

There's one more warning I should pass on, however. Because this flaw allows an attacker to poison the DNS for anyone whose system connects to an unpatched DNS server, an attacker can also bypass a protection built into encrypted Web sessions. [...]

---

Emphasis mine.

Pay attention if your browser warns you about an "invalid certificate". You may be having your session hijacked.
Comments 
28th-Jul-2008 08:23 pm (UTC)
Spybot Search&Destroy is pretty good about catching these attempts. It blocks registry changes or at least prompts you to approve them.
28th-Jul-2008 09:51 pm (UTC) - Get your free software HERE
28th-Jul-2008 09:54 pm (UTC) - Re: Get your free software HERE
Look at you providing links for people and all... and me being all lazy. :P
This page was loaded May 27th 2018, 9:39 pm GMT.