<<<
Chronological Index
>>> <<<
Thread Index
>>>
[ga] Re: Rogue (Fraudulent) DNS Servers?
- To: Matthew Pemble <matthew@xxxxxxxxxx>
- Subject: [ga] Re: Rogue (Fraudulent) DNS Servers?
- From: Stephane Bortzmeyer <bortzmeyer@xxxxxx>
- Date: Wed, 12 Dec 2007 10:51:30 +0100
On Wed, Dec 12, 2007 at 09:12:21AM +0000,
Matthew Pemble <matthew@xxxxxxxxxx> wrote
a message of 140 lines which said:
> I assume we will actually have to wait for the survey
Yes, because the IDG paper is mostly crap. Other reports from Dagon
were very good.
> Georgia Tech's and Google's researchers estimate that as many as 0.4
> percent, or 68,000, open-recursive DNS servers are behaving
> maliciously, returning false answers to DNS queries.
That's perfectly possible but since nobody interrogates them, it is
hardly a problem.
> Attackers would then change just one file in the Windows registry
> settings, telling the PC to go to the criminal's server for all DNS
> information.
So, the attack has *nothing* to do with DNS. If the attacker can
change MS-Windows (or any other OS) settings, he can do anything.
[The mention of a "file in the Windows registry" gives a good idea of
the seriousness of the paper.]
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|