Beware of DNS Poisoning Threat!
There has been some “panic” in regards to DNS poisoning threat these few days. If you are reading this very post, you can be affected by the threat too! (Basically, whoever browses web pages on the internet may be affected by this attack!)
So what is this DNS Poisoning attack/threat?
According to doxpara.com:
Recently, a significant threat to DNS, the system that translates names you can remember (such as www.doxpara.com) to numbers the Internet can route (66.240.226.139) was discovered, that would allow malicious people to impersonate almost any website on the Internet. Software companies across the industry have quietly collaborated to simultaneously release fixes for all affected name servers.
In a simpler example:
What is DNS and what does it have anything to do with me?
Imagine you are logging in to your Online banking account at http://www.MyBank.com (for example). After you type in the URL on your browser, through some “magic”, that URL will be translated by your ISP (Internet Service Provider) DNS server to a fixed IP address in the background (you can say that it’s being forwarded).
The URL should be forwarded to your actual Bank’s server located somewhere around the globe. Now, if I can hack your ISP DNS server, I can change that forwarding to any location/server that I want!
Here is my sketch to show you roughly what the attack does:
I can then set-up a replica of your online banking front page (so that you don’t know that it’s actually a fake). Innocently, you type in your account login and password on my page, thinking that you are actually trying to log-in to your bank. I guess you can guess what will happen next 
So please go to www.doxpara.com and check whether your ISP DNS Server is vulnerable to this attack. The checker is on the right side of the page.
If you see the picture above, email your ISP straight away! I’ve just done mine and they said that they were in the process of updating their DNS servers.
If you want to read more about this thread, head off to ZdNet’s article.
|
Like this Post? Let your friends know about it!
Stumble it | Digg it | Bookmark it | Vote at Reddit! | Add to Mixx! | Email to friend ----------------- |
|
If you like this post, don't forget to subscribe to this blog via your favorite RSS feed reader (What is RSS?) or by entering your email address on the form below: |
Great find michael….
Great Thanks Posting
Beware of DNS Poisoning Threat!…
There is a DNS Poisoning threat happening at the moment. Whenever you browse the web, you may be affected!…
dunno really michael . it’s weird that as the security and self protection increase online the attacks increase as well
mine is safe i think !
ameos last blog post..Social Networks Stress
Wow! It’s the first time I heard about this. Imagine what damage it can do if it hits big time? And especially with half the cases unreported? People would just be lost!
Nadeesha Cabrals last blog post..How to make your blog load faster - PART 1 - Using Firebug and YSlow
Yeah, hope all DNS servers have fixed this problem. I better check my ISP server again with that checker tool
Thanks for the update Mike. I will do mine now just for security purposes.
Hye Munars last blog post..ASUS Eee PC 1000 Philippines: Price List and Specs
I get really interested with your post and concerned at the same time. I have a lot of questions in mind, but I guess I have to scan my system now using the site and ask the questions later.
Hye Munars last blog post..ASUS Eee PC 1000 Philippines: Price List and Specs