It looks like you're using an Ad Blocker.

Please white-list or disable in your ad-blocking tool.

Thank you.


Some features of ATS will be disabled while you continue to use an ad-blocker.


EXCLUSIVE: Med Network DNS Hijack, A Web Exploit That May Spell Cyber-Disaster

page: 3
<< 1  2   >>

log in


posted on Jan, 16 2005 @ 02:01 AM
What if we hijacked the dns server responses back lol?

posted on Jan, 19 2005 @ 04:13 AM
The problem appears to be affecting ISP DNS servers...

Therefore why not bypass your ISP DNS servers altogether and resolve your domain names straight from the horses mouth...

Checkout TreeWalk

Trust me you will never use your ISP DNS servers again

posted on Jan, 20 2005 @ 01:50 AM
great responses in this thread!

tons of information.
check this out:

this is a bad thing.

[edit on 20-1-2005 by __rich__]

posted on Feb, 2 2005 @ 10:30 AM
top level domains should consider start spreading their DNS towards lower domains, using pgp-keys and checksums to authenticate the sender and the content. Hackers violating the DNS through a backdoor would alter the checksum of the database, wich could be spotted by cother clients.

[edit on 2-2-2005 by Countermeasures]

posted on Apr, 6 2005 @ 08:47 PM

By Ian Betteridge
April 5, 2005

A security company has issued a warning over a possible hijacking of the Internet's DNS system, which has resulted in some users being unable to reach some Web sites—instead being redirected to sites maintained by the attackers.

According to the SANS Internet Storm Center, the company first received reports of so-called DNS cache poisoning attacks on March 3 and has been monitoring the problem since then.

The attack compromised servers and were pointed to an incorrect address for the root entries for the entire .com domain, allowing the hijackers to reroute traffic to any server with a .com address.

More than 1,300 domain names were hijacked, including some of those belonging to American Express, H&R Block, Fedex, Wal-Mart and CNN.

More Information here

Handler on Duty Marcus H. Sachs
April 3rd 2005

After monitoring the situation for several weeks now, it has become apparent that the attacker(s) are changing their methods and toolset to point at different compromised servers in an effort to keep the attacks alive. This attack morphed into a similar attack with different IP addresses that users were re-directed toward. This will be referred to as the third attack and is still ongoing as of April 1, 2005.

Related Links
Accurately resolve Web Sites

I was going to put some of my thoughts here, but the articles speak for themselvs.

Looks like Banshee was on to something back in December eh?

[edit on 6-4-2005 by makeitso]

posted on Apr, 7 2005 @ 10:08 AM
Just giving this a bump.

I wrote the above late last night. I doubt many saw it.

new topics

top topics
<< 1  2   >>

log in