Wednesday, June 14, 2006

Pharming, Anti-pharming and DNS Cache Poisoning

The following are today's revisions at Wikipedia (in italic), finished while watching the France vs. Switzerland match, FIFA World Cup 2006. ;-)

http://en.wikipedia.org/wiki/Pharming

... Machines on the Internet identify each other by using their IP addresses, and every portion of data transmitted on the Internet (a packet) is tagged with the IP addresses of the putative sender and intended recipient. ... The DNS server thus serves as a telephone book, returning an IP address for any domain name submitted to it.

... But if the criminal hijacks the victim's DNS server, changing the IP address of the target website from its real IP address to the IP address of his fake website, the victim can enter the web address (URL) properly and be directed to the fake website. Note that this is only possible when the victim accesses the original site via HTTP but not HTTPS (that is, with no SSL protection), or if the user ignores a warning about invalid server certificates.

Another method of pharming is to prevent the user's computer from contacting the legitimate DNS, either by installing a virus or trojan on the victim's computer, or compromising the user's firewall or router, or simply changing the user's "hosts" file which statically maps a domain name to an IP address. ...

http://en.wikipedia.org/wiki/Anti-pharming

... Currently the most efficient way to prevent pharming is for end users to make sure they are using secure web connections (HTTPS) to access privacy-sensitive sites such as those for banking or taxes, and to accept only valid public key certificates issued by trusted sources. A certificate from an unknown organisation or an expired certificate should never be accepted for crucial business. ...

http://en.wikipedia.org/wiki/DNS_Cache_Poisoning

... A poisoning attack on a single ISP DNS server can affect the users serviced directly by the compromised server or indirectly by its downstream server(s) if applicable. ...
