It's always nice to hear about new critical flaws that open up your system(s) to attack. I took the liberty of changing the articles headline to crackers instead of hackers since this has nothing to do with hackers. If you disagree, you clearly need to read more and watch less Hollywood movies.
I swear there wouldn't be nearly as many crackers and software pirates if we didn't give them such cool names and bad ass sounding jargon. Who doesn't want to be called a pirate or try their hand at "cache poisoning". I propose we change the pirate terminology and separate them into two groups. Music Ninjas and Software Pirates. Awesome.
The article is short, but it gives the necessary details. If you're familiar with DNS then you know how this attack works. If you don't, DNS is like the Internet's Yellow Pages full of all the addresses for every website.
The attack poisons your DNS cache and changes the data stored in it. Essentially this isn't a big deal if you're aware of Phishing and pay attention to where a poisoned cache may be redirecting you. The danger is very real to the less aware targets who try to visit their bank's website only to be redirected and enter their information into a malicious site.
I'll be interested to see how many people this truly affects before the patch closes the vulnerability for the majority of users.
Source
No comments:
Post a Comment