nanog mailing list archives
Re: On-going Internet Emergency and Domain Names
From: "Fergie" <fergdawg () netzero net>
Date: Sat, 31 Mar 2007 03:05:32 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -- "Steven M. Bellovin" <smb () cs columbia edu> wrote:
Jeff Shultz <jeffshultz () wvi com> wrote:I won't discount the assertion that there is some sort of emergency occurring. I would however, like to see a bit of a reference to where we can learn more about what is going on (I assume this is the javascript exploit I heard about a couple days ago).No -- it's a 0day in Internet Explorer involving animated cursors -- and it can be spread by visiting an infected web site or even by email.
Not that I like being in the position of correcting Steve :-) but the real answer is "yes" and "no" -- or ctually just yes. While the 0-day exploit is the ANI vulnerability, there are many, many compromised websites (remember the MiamiDolhins.com embedded javascript iframe redirect?) that are using similar embedded .js redirects to malware hosted sites which fancy this exploit. And some of them have vast audiences, increasing the potential for a major "issue" -- TBD. Track with the SANS ISC -- they're doing a good job of keeping the community abreast. Cheers, - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.0 (Build 214) wj8DBQFGDc/4q1pz9mNUZTMRAjqiAJ0UYDDep4RbSmaJ3jUdsGssSVt7AwCgnDPV PIfR8hlav9Bh20TBXBPsUZo= =wtJu -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
Current thread:
- Re: On-going Internet Emergency and Domain Names (kill this thread), (continued)
- Re: On-going Internet Emergency and Domain Names (kill this thread) Patrick Giagnocavo (Mar 31)
- Re: On-going Internet Emergency and Domain Names (kill this thread) Jeff Shultz (Mar 31)
- Re: On-going Internet Emergency and Domain Names (kill this thread) Petri Helenius (Mar 31)
- Re: On-going Internet Emergency and Domain Names Peter Thoenen (Mar 31)
- Re: On-going Internet Emergency and Domain Names Jeff Shultz (Mar 30)
- Re: On-going Internet Emergency and Domain Names Gadi Evron (Mar 30)
- Re: On-going Internet Emergency and Domain Names Steven M. Bellovin (Mar 30)
- Re: On-going Internet Emergency and Domain Names Matt Ghali (Mar 31)
- Re: On-going Internet Emergency and Domain Names Mark Green (Mar 30)
- Re: On-going Internet Emergency and Domain Names Paul Vixie (Mar 30)
- Re: On-going Internet Emergency and Domain Names Suresh Ramasubramanian (Mar 31)
- Re: On-going Internet Emergency and Domain Names Adrian Chadd (Mar 31)
- Re: On-going Internet Emergency and Domain Names Suresh Ramasubramanian (Mar 31)
- Re: On-going Internet Emergency and Domain Names Adrian Chadd (Mar 31)
- Re: On-going Internet Emergency and Domain Names Suresh Ramasubramanian (Mar 31)