" * Denying any user (even Administrator) to write to the hosts file.
* Denying any user (even Administrator) to change your DNS settings."
Then who is going to modify the settings?
> On 6/14/05, lists @ NGSEC <lists@xxxxxxxxx> wrote:
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hello,
> >
> > NGSEC is proud to announce the new release of our new product
> > AntiPharming v1.00 [1] TOTALLY FREE for non-commercial use.
> >
> > What is Pharming?
> >
> > "(...)Pharming is the exploitation of a vulnerability in the DNS
> > server software that allows a hacker to acquire the Domain Name
> > for a site, and to redirect traffic to that web site to another
> > web site. DNS servers are the machines responsible for resolving
> > internet names into their real addresses - the "signposts" of the
> > internet.
> >
> > If the web site receiving the traffic is a fake web site, such
> > as a copy of a bank's website, it can be used to "phish" or steal
> > a computer user's passwords, PIN number or account number.
> >
> > AntiPharming Configuration For example, in January, 2005, the Domain
> > Name for a large New York ISP, Panix, was hijacked to a site in
> > Australia. In 2004 a German teenager hijacked the eBay.de Domain Name.
> > Secure e-mail provider Hushmail was also caught by this attack on
> > 24th of April 2005 when the attacker rang up the domain registrar
> > and gained enough information to redirect users to a defaced
> > webpage(...)" (Source WikiPedia).
> >
> > What is AntiPharming?
> >
> > AntiPharming uses active and passive protections for identifying and
> > stopping Pharming (Phising variant) attacks.
> >
> > AntiPharming will actively protect your windows server from pharming
> > attacks by:
> >
> > * Denying any user (even Administrator) to write to the hosts file.
> > * Denying any user (even Administrator) to change your DNS settings.
> >
> > AntiPharming will passively protect your windows server from pharming
> > attacks by sniffing on each netowrk interface for DNS replies (both
> > TCP and UDP) and recheck them against at least with three secure DNS
> > nameservers.
> >
> > AntiPharming is TOTALLY FREE for non-commercial use.
> >
> > This e-mail has been signed with labs@NGSEC PGP key available at:
> >
> > http://www.ngsec.com/pgp/labs.asc
> >
> > [1] http://www.ngsec.com/ngproducts/antipharming/
> >
> > Best Regards,
> >
> > - ---
> > NEXT GENERATION SECURITY, S.L. [NGSEC]
> > C\ O'donnell 46, 3º B
> > 28009 - Madrid, SPAIN
> > Tel: +34 91 435 56 27
> > Fax: +34 91 577 84 45
> >
> > http://www.ngsec.com
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.1 (GNU/Linux)
> >
> > iD8DBQFCrrwBKrwoKcQl8Y4RAsO5AJwIJ1Ngm38IT0JCujagcAz4oWgUUwCgl0Lv
> > vWvO9R/kd5Skb/vzeER7kls=
> > =XCYN
> > -----END PGP SIGNATURE-----
> >
> >
>
>
