25 Jul 20:32
Re: DNS Attacks
Les Mikesell <lesmikesell <at> gmail.com>
2008-07-25 18:32:58 GMT
2008-07-25 18:32:58 GMT
Björn Persson wrote:
>
>> If you are really paranoid (or about to do large transactions on what
>> you hope is your banking site), you could do a 'whois' lookup for the
>> target domain to find their own name servers and send a query directly
>> there for the target site.
>
> Check that the domain name in the address bar is right, that you're using
> HTTPS, and that the bank's certificate has been verified correctly. Then
> you're safe, unless the attacker has *also* managed to trick one of the
> certification authorities into issuing a false certificate, or somehow
> sneaked a false CA certificate into your browser.
You aren't paranoid enough. What if the spoofer is also a system
administrator at the bank with access to a copy of the real certificate
that he installs on the machine he's tricked your dns into reaching -
with the expected name that you'll still see.
--
Les Mikesell
lesmikesell <at> gmail.com
--
--
fedora-list mailing list
fedora-list <at> redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
RSS Feed