Go Back   Neko-Sentai » General Discussion Forums » General Random Topics forum

Notices

Reply
 
Thread Tools
Old 07-25-2008, 11:30 AM   #1
Gulkeeva
Mithra Ero-Sensei
The hentai is out there...
 
Join Date: May 2006
Location: Near Mithra
Posts: 22,032
Thanks: 2,008
Thanked 6,422 Times in 3,372 Posts

Default Technical Website vuln (info-ish)

As posted in announcments, for full details go here
http://www.doxpara.com/

What this is, is a DNS routing exploit that effects millions of possible PC's around the world.

Baiscally what it is, is a "bad guy" checks around for a DNS server that hasne't been patched, exploits it so...

Lets say you type www.bankofamerica.com and you expect to go to bankofamerica.com. If your ISP DNS server has been altered, you will instead go to a fake bankofamerica.com.

Problem is you can't tell if its the real or fake site (if the bad guy made it to look the same) and could steal all your info easily.

To check if your vulnrable to this "exploit" go to the link provided above to check, if you are there is also a link to fix the problem. (Its on the right side the page, button is Check my DNS" )
Gulkeeva is offline  
Reply With Quote
Old 07-25-2008, 11:54 AM   #2
Lalana
Regular Forum User
Dat Modder
Forum Member
 
Join Date: Jul 2008
Posts: 1,108
Thanks: 0
Thanked 1 Time in 1 Post

Default

It's also on the right-hand side of the page, at the top.

I'm not going to run it though... I don't like to run anything people post on forums, it's just too risky. If it's something important that i'd like to see, I just search for another source i can trust to use/download it.

But i'm paranoid... Probably why I've never had a single virus on my computer xD
Lalana is offline  
Reply With Quote
Old 07-25-2008, 12:13 PM   #3
Gulkeeva
Mithra Ero-Sensei
The hentai is out there...
 
Join Date: May 2006
Location: Near Mithra
Posts: 22,032
Thanks: 2,008
Thanked 6,422 Times in 3,372 Posts

Default

Quote:
Originally Posted by Lalana
It's also on the right-hand side of the page, at the top.

I'm not going to run it though... I don't like to run anything people post on forums, it's just too risky. If it's something important that i'd like to see, I just search for another source i can trust to use/download it.

But i'm paranoid... Probably why I've never had a single virus on my computer xD
Its posted in several other places + a "proof of concept" exploit and how to do it + tools etc (which i won't post here).

you can pretty much google it up.
This "exploit" however, does not require you to have a virus/trojan anything... all it needs is them to guess "what site" you visit for your banking/online buying" and change a server "out there" you "might use" to make you give them all your info.

No antivirus/Firewall/spyware scanner etc will detect it, becuase none of the "exploit" is used on your PC. Its used on the servers that take you to where you go.

Like if they wanted to, everytime you typed or clicked any link to go to www.google.com, it will load a porn site spamming 50 million popups etc.
Gulkeeva is offline  
Reply With Quote
Old 07-25-2008, 12:19 PM   #4
Lalana
Regular Forum User
Dat Modder
Forum Member
 
Join Date: Jul 2008
Posts: 1,108
Thanks: 0
Thanked 1 Time in 1 Post

Default

Ah, well you forget the fact that I'm old! I don't do any online banking, shopping, para sailing, or rally car races! I am one of the few people who still frequent the supermarket! I don't trust the internet much at all... I'm still relatively new to using computers, so I just try to avoid anything dangerous.

But yea, I think i'll contact a friend of mine later on (he's always asleep til like 4 pm though...) and ask him about the whole thing. I'm sure if it's important, he already knows a good, trusted site i can use. He's a total computer guru who probably gets tired of me phoning him with questions 5 or 6 times a week.
Lalana is offline  
Reply With Quote
Old 07-28-2008, 11:02 AM   #5
Gulkeeva
Mithra Ero-Sensei
The hentai is out there...
 
Join Date: May 2006
Location: Near Mithra
Posts: 22,032
Thanks: 2,008
Thanked 6,422 Times in 3,372 Posts

Default

Other sites have started to post the "problem up" this one goes into a bit more detail and also references the site above.

http://www.kb.cert.org/vuls/id/800113

Welcome to US-CERT
The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors. Established in 2003 to protect the nation's Internet infrastructure, US-CERT coordinates defense against and responses to cyber attacks across the nation.
Gulkeeva is offline  
Reply With Quote
Old 07-29-2008, 10:51 AM   #6
Gulkeeva
Mithra Ero-Sensei
The hentai is out there...
 
Join Date: May 2006
Location: Near Mithra
Posts: 22,032
Thanks: 2,008
Thanked 6,422 Times in 3,372 Posts

Default

Here's also a recent report on the rise of the problem

http://asert.arbornetworks.com/2008/...tack-activity/
Gulkeeva is offline  
Reply With Quote
Old 08-01-2008, 10:27 AM   #7
Gulkeeva
Mithra Ero-Sensei
The hentai is out there...
 
Join Date: May 2006
Location: Near Mithra
Posts: 22,032
Thanks: 2,008
Thanked 6,422 Times in 3,372 Posts

Default

Texas area DNS server for at&t customers to redirected to a fake www.google.com site to ads revene site searches.

http://blog.metasploit.com/2008/07/o...rnalistic.html

Hard to spot the changes because of how it was done but still can be dangerous, as you have ads sneaking around that contain maleware/trojans etc.

I'm sure in the comming days/weeks if not already there will be fake banking sites etc by this exploit that bypasses any browser security/antivirus etc
Gulkeeva is offline  
Reply With Quote
Reply

Lower Navigation
Go Back   Neko-Sentai » General Discussion Forums » General Random Topics forum

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT -5. The time now is 06:22 AM.

design by: Themes by Design


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
punch-dnaAll company, product, system names and/or company logos and marks are the registered trademarks or trademarks of their respective owners. If you are the copyright holder of any material found on this site and believe it has been used unfairly please contact one of the forum administrators.