Re: DNS Attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 2008-07-25 at 13:32 -0500, Les Mikesell wrote:
> Björn Persson wrote:
> > 
> >> If you are really paranoid (or about to do large transactions on what
> >> you hope is your banking site), you could do a 'whois' lookup for the
> >> target domain to find their own name servers and send a query directly
> >> there for the target site.
> > 
> > Check that the domain name in the address bar is right, that you're using 
> > HTTPS, and that the bank's certificate has been verified correctly. Then 
> > you're safe, unless the attacker has *also* managed to trick one of the 
> > certification authorities into issuing a false certificate, or somehow 
> > sneaked a false CA certificate into your browser.
> 
> You aren't paranoid enough.  What if the spoofer is also a system 
> administrator at the bank with access to a copy of the real certificate 
> that he installs on the machine he's tricked your dns into reaching - 
> with the expected name that you'll still see.

Exactly.

I've made the decision to surf the Internet using only a sketch pad and
sticks of medium charcoal for the next several months, until this is all
resolved.
Last time something like this happened my cousin caught a trojan that
got into is toaster. It later grew and arm and stabbed him in the eye.

It was a big joke for a while (http://xkcd.com/293/) and eventually
attained urban myth status. But all myths have their basis in reality
and I was there for this one.

Remember, just because you're paranoid, doesn't mean your not in dire
need if immediate assistance from a mental health professional.

[sheesh]

Andy

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux