ksh shrm wrote:
Is there anything we all care about.
We are normal users who don't have any server at home.
Just a PC with internet connection to surf.
Then you are safe as long as you don't shop, bank, use a search engine,
or ever provide any information of any nature you don't want to be
James Kosin wrote:
Everyone,
The DNS attacks are starting!!!
Below is a snippet of a logwatch from last night. Be sure all DNS
servers are updated if at all possible. The spooks are out in full on
this security vulnerability in force.
THIS IS YOUR LAST WARNING...!!!
Patch or Upgrade NOW
On Fri, 2008-07-25 at 13:32 -0500, Les Mikesell wrote:
Björn Persson wrote:
If you are really paranoid (or about to do large transactions on what
you hope is your banking site), you could do a 'whois' lookup for the
target domain to find their own name servers and send a query directly
On Mon, 2008-07-28 at 10:58 +0200, Andrew Kelly wrote:
I've made the decision to surf the Internet using only a sketch pad
and sticks of medium charcoal for the next several months, until this
is all resolved. Last time something like this happened my cousin
caught a trojan that got into is
Les Mikesell wrote:
You aren't paranoid enough. What if the spoofer is also a system
administrator at the bank with access to a copy of the real certificate
that he installs on the machine he's tricked your dns into reaching -
with the expected name that you'll still see.
Then the bank has
Björn Persson wrote:
Les Mikesell wrote:
You aren't paranoid enough. What if the spoofer is also a system
administrator at the bank with access to a copy of the real certificate
that he installs on the machine he's tricked your dns into reaching -
with the expected name that you'll still see.
: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Mikkel L. Ellertson
Sent: Saturday, July 26, 2008 6:01 AM
To: For users of Fedora
Subject: Re: DNS Attacks
Björn Persson wrote:
Les Mikesell wrote:
You aren't paranoid enough. What if the spoofer is also a system
administrator at the bank
Mikkel L. Ellertson wrote:
You aren't paranoid enough. What if the spoofer is also a system
administrator at the bank with access to a copy of the real certificate
that he installs on the machine he's tricked your dns into reaching -
with the expected name that you'll still see.
Then the
Les Mikesell wrote:
Yes, but controlling 'who does what' only works as long as the selected
person does what you expect. Are you following the case of the San
Francisco network admin that refused to give the password to anyone
else? This may not even be malicious (he may just think everyone
On Fri, Jul 25, 2008 at 01:32:58PM -0500, Les Mikesell wrote:
Björn Persson wrote:
If you are really paranoid (or about to do large transactions on what
you hope is your banking site), you could do a 'whois' lookup for the
target domain to find their own name servers and send a query directly
Everyone,
The DNS attacks are starting!!!
Below is a snippet of a logwatch from last night. Be sure all DNS
servers are updated if at all possible. The spooks are out in full on
this security vulnerability in force.
THIS IS YOUR LAST WARNING...!!!
Patch or Upgrade NOW!
James Kosin
A long
Zhe zombies are coming But we are all aware of this fact after release
of the patch ;)
Greetings,
Jim.
Everyone,
The DNS attacks are starting!!!
Below is a snippet of a logwatch from last night. Be sure all DNS
servers are updated if at all possible. The spooks are out in full
Jim van Wel wrote:
Zhe zombies are coming But we are all aware of this fact after release
of the patch ;)
Greetings,
Jim.
I know; but there is always somebody who always says, It won't happen
to me. And sadly they usually never learn their lesson even if
repeated multiple times.
I
Is there anything we all care about.
We are normal users who don't have any server at home.
Just a PC with internet connection to surf.
adios
KSH SHRM
People don't care how much you know, until they know how much you care...
2008/7/25 James Kosin [EMAIL PROTECTED]:
Jim van Wel wrote:
Zhe
James Kosin [EMAIL PROTECTED] writes:
client 143.215.143.11 query (cache) 'com/ANY/IN' denied: 30 Time(s)
client 143.215.143.11 query (cache) 'gmail.com/ANY/IN' denied: 32
Time(s)
client 143.215.143.11 query (cache) 'hotmail.com/ANY/IN' denied: 31
Thanks for posting. Maybe this
ksh shrm wrote:
Is there anything we all care about.
We are normal users who don't have any server at home.
Just a PC with internet connection to surf.
adios
KSH SHRM
I guess there era a lot of abnormal users on this list them. And it
is a concern even if you do not run a name server,
]
[mailto:[EMAIL PROTECTED] Behalf Of Mikkel L. Ellertson
Sent: Friday, July 25, 2008 9:56 AM
To: For users of Fedora
Subject: Re: DNS Attacks
ksh shrm wrote:
Is there anything we all care about.
We are normal users who don't have any server at home.
Just a PC with internet connection to surf
bruce wrote:
As I understand the issue. The issue is one of being able to poison the DNS
app on the DNS server. There's not really much the casual user can do, aside
from switching to another DNS/IP address that's safe. But the rub is, do you
really know if the DNS/IP you're switching to is
Wolfgang S. Rupprecht wrote:
James Kosin [EMAIL PROTECTED] writes:
client 143.215.143.11 query (cache) 'com/ANY/IN' denied: 30 Time(s)
client 143.215.143.11 query (cache) 'gmail.com/ANY/IN' denied: 32
Time(s)
client 143.215.143.11 query (cache) 'hotmail.com/ANY/IN' denied: 31
Thanks
James Kosin [EMAIL PROTECTED] writes:
But, the patches out don't fix the issue totally. That would require
a complete re-write of the DNS and how DNS works. This is something
already in the works.
The patch just makes it more difficult to trigger the issue. I'm
using the patched version
Mikkel L. Ellertson wrote:
ksh shrm wrote:
Is there anything we all care about.
We are normal users who don't have any server at home.
I guess there era a lot of abnormal users on this list them.
Yeah, I'm abnormal. And my DNS server is upgraded.
Björn Persson
--
fedora-list mailing
Les Mikesell wrote:
If you are really paranoid (or about to do large transactions on what
you hope is your banking site), you could do a 'whois' lookup for the
target domain to find their own name servers and send a query directly
there for the target site.
Check that the domain name in the
To: For users of Fedora
Subject: Re: DNS Attacks
Les Mikesell wrote:
If you are really paranoid (or about to do large transactions on what
you hope is your banking site), you could do a 'whois' lookup for the
target domain to find their own name servers and send a query directly
Les Mikesell [EMAIL PROTECTED] writes:
James They'd have to spoof several things at once to keep it from being
obvious but you are right, the whois result will give names that you
have to look up somehow.
Go for the gusto. Spoof the nameservers. Why screw around?
-wolfgang
--
Wolfgang S.
On Fri, Jul 25, 2008 at 10:02:57 -0700,
bruce [EMAIL PROTECTED] wrote:
As I understand the issue. The issue is one of being able to poison the DNS
app on the DNS server. There's not really much the casual user can do, aside
from switching to another DNS/IP address that's safe. But the rub is,
bruce wrote:
while what you say makes sense... the vast majority of people pop up their
favorite browser, and go to a site.. there's no way these guys (my mother
included) are going to get into the esoteric details of what goes on behind
the scenes for the browser/dns/certificates/etc...
They
26 matches
Mail list logo
