lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed Jun 28 04:11:51 2006 From: cardosolistas at contraditorium.com (Cardoso) Subject: DNS poisoning Since Bind is open source, one needs a good knowledge of c/c++ and some time. create a few "legitim-looking" security pages, spread among clueless sysadmins as a "security upgrade" (is binddns.org taken?) and let them do the work for you. As I recall there's a rogue azureus doing something like that, spreding spywares and trojans. On Tue, 27 Jun 2006 18:57:15 -0500 "Joel R. Helgeson" <joel@...geson.com> wrote: JRH> No way to do that I know of on the DNS server itself, you could place a JRH> router in front of the DNS server that will perform a source based NAT JRH> translation to send the traffic to the poisoned server. Otherwise, you could JRH> simply place entries into the hosts file on the target machine so that the JRH> specific requests will never get resolved via DNS. JRH> JRH> Joel JRH> ----- Original Message ----- JRH> From: "Saeed Abu Nimeh" <drellman@...mail.com> JRH> To: <full-disclosure@...ts.grok.org.uk> JRH> Sent: Tuesday, June 27, 2006 4:47 PM JRH> Subject: [Full-disclosure] DNS poisoning JRH> JRH> JRH> > Is there a way to do dns poisoning and make the poisoned server provide JRH> > legitimate queries when doing dns lookup. Example: Assume I am running a JRH> > poisoned dns server, when user X does lookup yahoo.com or dig yahoo.com JRH> > I reply with legit yahoo entries, however, when user Y does the same JRH> > thing I provide fake or spoofed entires. JRH> > Thanks, JRH> > Saeed JRH> > JRH> > _______________________________________________ JRH> > Full-Disclosure - We believe in it. JRH> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html JRH> > Hosted and sponsored by Secunia - http://secunia.com/ JRH> JRH> _______________________________________________ JRH> Full-Disclosure - We believe in it. JRH> Charter: http://lists.grok.org.uk/full-disclosure-charter.html JRH> Hosted and sponsored by Secunia - http://secunia.com/ JRH> year(now) + 1 ser? o ano do linux! Cardoso <cardoso@...ox.com> - SkypeIn: (11) 3711-2466 / (41) 3941-5299 vida digital: http://www.contraditorium.com site pessoal e blog: http://www.carloscardoso.com
Powered by blists - more mailing lists