Full Disclosure mailing list archives

Re: DNS Hijack Attacks

From: Rodrigo Barbosa <rodrigob () suespammers org>
Date: Tue, 25 Nov 2003 21:19:09 -0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Nov 25, 2003 at 08:57:32PM -0000, Richard Maudsley wrote:

Am I right in thinking that this attack is where a DNS server is broken into
and the routing table modified so that a domain name points to a different
server where the content is controlled by the attacker?


Yes and no. There are other, and better, methods to do it.

Could anyone point me in the right direction for more information. I was
hoping for a whitepaper or something...


Try looking also for "DNS cache poisoning" and "DNS poisoning".

- -- 
Rodrigo Barbosa <rodrigob () suespammers org>
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/w+NtpdyWzQ5b5ckRAjR3AKCkXIkD1rCycrmISCpLLdxVpx5+WwCfbjHj
YcJhD3MdZl/SfGcw5vAu78Y=
=AWtL
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

DNS Hijack Attacks Richard Maudsley (Nov 25)
- Re: DNS Hijack Attacks Rodrigo Barbosa (Nov 25)
- <Possible follow-ups>
- RE: DNS Hijack Attacks Norman Girard (Nov 25)