Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: DNS spoofing issue. Thoughts on
From: Valdis.Kletnieks () vt edu
Date: Sat, 26 Jul 2008 22:45:29 -0400

On Sun, 27 Jul 2008 09:05:35 +1000, Paul Szabo said:
But realizing that going from 11 seconds to (11 * 64512 =3D) 8.21 days
is not a significant jump ...

We had a browser pointed to an "evil page" making image requests for
aaa.victim.com, aab.victim.com etc, for a few seconds. You cannot expect
the browser to stay alive for days.

How does this change if the attacker has one or more machines already botted
on the ISP's network, and wants to poison the cache to attract more traffic
so they can infect more machines?

Attachment: _bin

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]