Information Security News mailing list archives

Re: DNS attack could signal Phishing 2.0

From: InfoSec News <alerts () infosecnews org>
Date: Thu, 13 Dec 2007 02:05:19 -0600 (CST)

Forwarded from: Crypto Admin <novembr5 (at) gmail.com>

On 12/11/07, InfoSec News <alerts () infosecnews org> wrote:

http://www.infoworld.com/article/07/12/11/DNS-attack-could-signal-Phishing-2.0_1.html

By Robert McMillan
IDG News Service
December 11, 2007

Researchers at Google and the Georgia Institute of Technology are 
studying a virtually undetectable form of attack that quietly controls 
where victims go on the Internet.


Please read the comments on this article over at CircleID, where it is 
pointed out that the data does not support any difficulties with open 
recursive DNS servers, but rather with misconfigured DNS servers. Both 
David A. Ulevitch and Brett Watson make the points far better than I 
could.

http://www.circleid.com/posts/malicious_open_recursive_dns_servers/

The authors of this report would have done themselves a favor, had they 
listened to their reviewers.


__________________________________________________________________      
Visit InfoSec News
http://www.infosecnews.org/

Current thread:

DNS attack could signal Phishing 2.0 InfoSec News (Dec 11)
- <Possible follow-ups>
- Re: DNS attack could signal Phishing 2.0 InfoSec News (Dec 13)
- RE: DNS attack could signal Phishing 2.0 InfoSec News (Dec 16)
- RE: DNS attack could signal Phishing 2.0 InfoSec News (Dec 17)