It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

EXCLUSIVE: Med Network DNS Hijack, A Web Exploit That May Spell Cyber-Disaster

page: 3
0
<< 1  2   >>

log in

join
share:
quiksilver

posted on Jan, 16 2005 @ 02:01 AM
link   
What if we hijacked the dns server responses back lol?


android

posted on Jan, 19 2005 @ 04:13 AM
link   
The problem appears to be affecting ISP DNS servers...

Therefore why not bypass your ISP DNS servers altogether and resolve your domain names straight from the horses mouth...

Checkout TreeWalk

Trust me you will never use your ISP DNS servers again


__rich__

posted on Jan, 20 2005 @ 01:50 AM
link   
great responses in this thread!

tons of information.
check this out:
www.washtimes.com...


news.google.com...

this is a bad thing.



[edit on 20-1-2005 by __rich__]


Countermeasures

posted on Feb, 2 2005 @ 10:30 AM
link   
top level domains should consider start spreading their DNS towards lower domains, using pgp-keys and checksums to authenticate the sender and the content. Hackers violating the DNS through a backdoor would alter the checksum of the database, wich could be spotted by cother clients.




[edit on 2-2-2005 by Countermeasures]


makeitso

posted on Apr, 6 2005 @ 08:47 PM
link   
EWEEK.com



By Ian Betteridge
April 5, 2005

A security company has issued a warning over a possible hijacking of the Internet's DNS system, which has resulted in some users being unable to reach some Web sites—instead being redirected to sites maintained by the attackers.

According to the SANS Internet Storm Center, the company first received reports of so-called DNS cache poisoning attacks on March 3 and has been monitoring the problem since then.

The attack compromised servers and were pointed to an incorrect address for the root entries for the entire .com domain, allowing the hijackers to reroute traffic to any server with a .com address.

More than 1,300 domain names were hijacked, including some of those belonging to American Express, H&R Block, Fedex, Wal-Mart and CNN.



More Information here



Handler on Duty Marcus H. Sachs
April 3rd 2005
After monitoring the situation for several weeks now, it has become apparent that the attacker(s) are changing their methods and toolset to point at different compromised servers in an effort to keep the attacks alive. This attack morphed into a similar attack with different IP addresses that users were re-directed toward. This will be referred to as the third attack and is still ongoing as of April 1, 2005.



Related Links
SANS
Accurately resolve Web Sites

I was going to put some of my thoughts here, but the articles speak for themselvs.

Looks like Banshee was on to something back in December eh?


[edit on 6-4-2005 by makeitso]


makeitso

posted on Apr, 7 2005 @ 10:08 AM
link   
Just giving this a bump.

I wrote the above late last night. I doubt many saw it.



new topics

top topics
 
0
<< 1  2   >>

log in

join


The Above Top Secret Web site is a wholly owned social content community of AboveTopSecret.com.

This content community relies on user-generated content from our member contributors. The opinions of our members are not those of site ownership who maintains strict editorial agnosticism and simply provides a collaborative venue for free expression.

All content copyright 2024, AboveTopSecret.com