Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup
From: Paul Wouters <paul () xtdnet nl>
Date: Mon, 17 Apr 2006 22:49:14 +0200 (CEST)

On Sat, 15 Apr 2006, Thor (Hammer of God) wrote:

It's a simple method to bypass malicious host file modification.  Probably
in response to malware like MyDoom, which specifically altered the hosts
file to keep clients from accessing AV sites ( go.microsoft.com was also
specifically included in MyDoom as well.)

Sure. And instead of everyone whining about this, they should prepare
their DNSSEC setup so microsoft can secure their zone and can rely on
the resolver to use DNSSEC to prevent these types of malware traps.

Paul


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault