North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Old McDonald Had a Pharm?!

  • From: Stephen J. Wilcox
  • Date: Tue Feb 15 14:04:54 2005

Hmm, at the point where malicious software is modifying the behaviour of 
applications you may as well compare it to a keylogger. If the miscreant has 
control of the machine anything is possible, so sure I can see how it could be a 
real threat but it might not perhaps deserve its own silly name.

I think better deployment of certificates and 2 stage token/passwords is the way
forwards for both phishing and pharming (if pharming exists) from the server
perspective. For the clients, continued education and improvement to default
security. There seems to be movement with the latter, for the former tho the 
institutions still seem to insist that we the ISPs should be paying to fix their 
poor security.


On Tue, 15 Feb 2005, Daniel Golding wrote:

> There have been a couple recent articles about a phenomenon allegedly known
> as "pharming", which people are supposedly worried about. This includes some
> combination of DNS cache poisoning and/or worm-powered URL rewriting.
> This may also be a form of "fear-driven marketing" by companies inventing
> solutions to "fix" the problem which may not exist. (Mac Anti-virus
> software, anyone? ;)
> Is anyone aware of actual "pharming" in the wild? Please reply off-list and
> I will summarize answers to the list.
> Thanks,