RE: DNS cache poisoning and pharming

["Miguel Dilaj" <mdilaj () nccglobal com>]

Hi David,

Is real if the attacker(s) can poison the DNS or modify your hosts file.
I've seen it in action using the second approach to a user with
administrative privileges (so writing to the hosts file was possible).
You don't have to click to follow a link, in fact you can use your trusted
bookmark (the same you've been using for years), and you'll still visit the
attacker's site.
As usual, the theory has been lying there for years, but now it seems that a
lot of people out there is abusing it.
Cheers,

Miguel


-----Original Message-----
From: David [mailto:david () clicksee net] 
Sent: 31 May 2005 10:55
To: security-basics () securityfocus com
Subject: DNS cache poisoning and pharming


http://hostsearch.com/news/logiguard_news_3177.asp
 
This article makes a claim that DNS poisoning and pharming are really
dangerous in that anyone can be redirected from trying to go to their online
bank to a fake bank site where there login is collected. Is this really such
a threat or is it just Logiguard advertising themselves?
 
Thanks,
 
Dave




***********************************************************************************************************
DISCLAIMER:                                                                                                
This e-mail contains proprietary information, some or all of which may be legally privileged.              
It is for the intended recipient only. If an addressing or transmission error has misdirected this e-mail, 
please notify the author by replying to this e-mail. If you are not the intended recipient you may not use,
disclose, distribute, copy, print or rely on this e-mail.                                                  
***********************************************************************************************************