lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <42B08051.3000206@securescience.net>
Date: Wed, 15 Jun 2005 12:24:01 -0700
From: Lance James <lancej@...urescience.net>
To: "lists@...EC" <lists@...ec.com>
Cc: bugtraq@...urityfocus.com
Subject: Re: [NGSEC] AntiPharming v1.00 FREE


This technology can be thwarted by any malware that has access to the 
Layered Service Provider using the service provider interface. That and 
client side malware will also target the anti-pharming tool to modify or 
break the program. What happens if the target can not reach the "3 
secure" dns servers? Do we successfully DoS the user?

Thoughts?

lists@...EC wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Hello,
> 
> NGSEC is proud to announce the new release of our new product 
> AntiPharming v1.00 [1] TOTALLY FREE for non-commercial use.
> 
> What is Pharming?
> 
> "(...)Pharming is the exploitation of a vulnerability in the DNS 
> server software that allows a hacker to acquire the Domain Name 
> for a site, and to redirect traffic to that web site to another 
> web site. DNS servers are the machines responsible for resolving 
> internet names into their real addresses - the "signposts" of the 
> internet.
> 
> If the web site receiving the traffic is a fake web site, such 
> as a copy of a bank's website, it can be used to "phish" or steal 
> a computer user's passwords, PIN number or account number.
> 
> AntiPharming Configuration For example, in January, 2005, the Domain 
> Name for a large New York ISP, Panix, was hijacked to a site in 
> Australia. In 2004 a German teenager hijacked the eBay.de Domain Name. 
> Secure e-mail provider Hushmail was also caught by this attack on 
> 24th of April 2005 when the attacker rang up the domain registrar 
> and gained enough information to redirect users to a defaced 
> webpage(...)" (Source WikiPedia).
> 
> What is AntiPharming?
> 
> AntiPharming uses active and passive protections for identifying and 
> stopping Pharming (Phising variant) attacks.
> 
> AntiPharming will actively protect your windows server from pharming 
> attacks by:
> 
>     * Denying any user (even Administrator) to write to the hosts file.
>     * Denying any user (even Administrator) to change your DNS settings.
> 
> AntiPharming will passively protect your windows server from pharming 
> attacks by sniffing on each netowrk interface for DNS replies (both 
> TCP and UDP) and recheck them against at least with three secure DNS 
> nameservers.
> 
> AntiPharming is TOTALLY FREE for non-commercial use. 
> 
> This e-mail has been signed with labs@...EC PGP key available at:
> 
>   http://www.ngsec.com/pgp/labs.asc
> 
> [1]  http://www.ngsec.com/ngproducts/antipharming/
> 
> Best Regards,
> 
> - ---
> NEXT GENERATION SECURITY, S.L. [NGSEC]
> C\ O'donnell 46, 3ยบ B
> 28009 - Madrid, SPAIN
> Tel: +34 91 435 56 27
> Fax: +34 91 577 84 45
> 
> http://www.ngsec.com
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
> 
> iD8DBQFCrrwBKrwoKcQl8Y4RAsO5AJwIJ1Ngm38IT0JCujagcAz4oWgUUwCgl0Lv
> vWvO9R/kd5Skb/vzeER7kls=
> =XCYN
> -----END PGP SIGNATURE-----
> 
> 


-- 
Best Regards,
Lance James
Secure Science Corporation
www.securescience.com
Author of 'Phishing Exposed'
http://www.securescience.net/amazon/
Have Phishers stolen your customers' logins? Find out with DIA
https://slam.securescience.com/signup.cgi - it's free!	



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ