North American Network Operators Group

Re: DNS Blackhole attack

  • From: Rachael Treu
  • Date: Mon Mar 07 14:52:16 2005

On Mon, Mar 07, 2005 at 11:38:53AM +0000, Ketil Froyn said something to the effect of:
> 
> On Sat, 2005-03-05 at 14:43 -0800, william(at)elan.net wrote:
> 
> > Global DNS cache poisoning attack?; Update...
> 
> It's a bit frustrating that problems this old and well-known can
> actually be used to cause damage.

Uh...see tcp ports 135 through 139, and give thought to smtp
as a protocol.  And I hear the water is lovely in nis, nfs, and
rpc this time of year... ;P

> 
> The easiest way to check if you are vulnerable to DNS poisoning is to
> try to poison yourself. Try my "poison yourself" page here:
> 
>   http://ketil.froyn.name/poison.html

Nice, handy resource.

What's up with the patching problems, btw?

whee,
--ra

--
k. rachael treu, CISSP	[email protected]
..quis custodiet ipsos custodes?..


> 
> It tries to redirect www.example.com to a fake IP (the same one as I
> host my website on), where I have a virtualhost for www.example.com with
> a plain html page. It'll tell you if you were poisoned.
> 
> Cheers,
> Ketil Froyn
>