| View previous topic :: View next topic |
| Author |
Message |
NetOperator Wibby
Wings of Dreams
Age: 36
Joined: 19 Dec 2005
Posts: 772
Location: Hikari Labs � Dimensional Area
|
 Posted: Sat Jul 26, 2008 9:41 pm Post subject: DNS Server Attacks |
 |
|
hey all, i receive feeds from TMMN and this sounded pretty important to [share with everyone] else as well.
A major internet-wide exploit has been unveiled this past week concerning DNS servers and attacks have already begun. These servers act as translators for text-based URLs and their corresponding IP addresses. Being able to attack these servers can potentially open the door to the creation of the largest and most elaborate phishing operations the world has ever seen. This is why it is important to act now.
While a select few ISPs [Internet Service Providers] have confirmed patching their systems, MANY other people are still vulnerable to this attack. This is why I'm urging anyone who is checking our website to heed this warning. Possible solutions include testing your DNS, and switching DNS servers to OpenDNS. The test isn't foolproof, but OpenDNS has confirmed having patched their servers and is my personal recommendation for anyone who wants to be completely safe.
_________________
Avatar by Tabby (of my NetNavi, GuincoolMind.EXE) : : :
HP / Twitter / hikari OS / SciLab |
|
| Back to top |
|
 |
Equilibrium
Net Battler
Joined: 16 Mar 2005
Posts: 72
Location: High above the mucky-muck.
|
| Posted: Mon Jul 28, 2008 4:35 pm Post subject: |
|
|
this isn't how phishing works
_________________
hi mom. |
|
| Back to top |
|
|
NetOperator Wibby
Wings of Dreams
Age: 36
Joined: 19 Dec 2005
Posts: 772
Location: Hikari Labs � Dimensional Area
|
| Posted: Mon Jul 28, 2008 7:59 pm Post subject: |
|
|
meh, iono how they work myself but i read some articles on this "exploit" after i found out about this. i was hoping someone from this board might know more about this and share some of their wisdom on the topic.
_________________
Avatar by Tabby (of my NetNavi, GuincoolMind.EXE) : : :
HP / Twitter / hikari OS / SciLab |
|
| Back to top |
|
|
Tachyon360
Le Croissant
Joined: 16 Mar 2005
Posts: 740
|
| Posted: Thu Jul 31, 2008 7:49 pm Post subject: |
|
|
| Equilibrium wrote: | | this isn't how phishing works |
Actually, it can be. Phishing is only a means to get people's personal data, such as passwords and whatnot. The way phishers go about it is to make a counterfeit website that attempts to collect a range of personal information from people.
Typically, phishers register domain names that look similar to those legit businesses they're trying to spoof, and then send out a load of spoofed e-mails linking to that site, asking people to confirm certain personal info with a particular company. For example, someone might register, say, www.paypal-servicecheck.net, and send out an e-mail to known PayPal users asking them to confirm their credit card and bank info, with the intention of recording said info.
This situation here is slightly different, but far more insidious. By hacking a compromised DNS, attackers can have legitimate URLs send users to phishing sites. Users could conceivably enter www.paypal.com in their address bars and be sent to a counterfeit site, and unknowingly give out sensitive information thinking they are using a legitimate service.
If you're the tinfoil hat kind of person, a surefire way to protect yourself is to collect all of the IP addresses of the web services you use, and bookmark them (or memorize them, I suppose). You'll go straight to the site, with no DNS worries.
Edit: By the way, "DNS server" is redundant. "DNS" stands for "domain name server."
_________________
*placeholder* |
|
| Back to top |
|
|
NetOperator Wibby
Wings of Dreams
Age: 36
Joined: 19 Dec 2005
Posts: 772
Location: Hikari Labs � Dimensional Area
|
| Posted: Thu Jul 31, 2008 8:30 pm Post subject: |
|
|
| Tachyon360 wrote: |
Edit: By the way, "DNS server" is redundant. "DNS" stands for "domain name server." |
d'oh!
_________________
Avatar by Tabby (of my NetNavi, GuincoolMind.EXE) : : :
HP / Twitter / hikari OS / SciLab |
|
| Back to top |
|
|
Marisa
Net Agent
Age: 36
Joined: 16 Mar 2005
Posts: 217
Location: Missouri
|
| Posted: Wed Aug 06, 2008 7:45 am Post subject: |
|
|
| Quote: | | This situation here is slightly different, but far more insidious. By hacking a compromised DNS, attackers can have legitimate URLs send users to phishing sites. Users could conceivably enter www.paypal.com in their address bars and be sent to a counterfeit site, and unknowingly give out sensitive information thinking they are using a legitimate service. |
Well crap, now I'm scared to log in to my Paypal. :/ Does anyone know Paypal's IP address, perchance?
_________________
Click here to feed me a Rare Candy!
Get your own at PokePlushies! |
|
| Back to top |
|
|
Tachyon360
Le Croissant
Joined: 16 Mar 2005
Posts: 740
|
| Posted: Wed Aug 06, 2008 3:09 pm Post subject: |
|
|
Well, you could just run a whois search. If you're especially paranoid, you can also use several different web services and see if there's a discrepancy.
Personally, I wouldn't be worried. The chances of something like this happening is a longshot. Besides, there are also SSL certificates to warn you if something is amiss. I've yet to hear of any instance where someone spoofed a security certificate.
Still, since you asked, PayPal's IP is 64.4.241.33 .
_________________
*placeholder* |
|
| Back to top |
|
|
|
