Full Disclosure mailing list archives
Re: DNS spoofing issue. Thoughts on
From: Valdis.Kletnieks () vt edu
Date: Sat, 26 Jul 2008 22:45:29 -0400
On Sun, 27 Jul 2008 09:05:35 +1000, Paul Szabo said:
But realizing that going from 11 seconds to (11 * 64512 =3D) 8.21 days is not a significant jump ...We had a browser pointed to an "evil page" making image requests for aaa.victim.com, aab.victim.com etc, for a few seconds. You cannot expect the browser to stay alive for days.
How does this change if the attacker has one or more machines already botted on the ISP's network, and wants to poison the cache to attract more traffic so they can infect more machines?
Attachment:
_bin
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: DNS spoofing issue. Thoughts on imipak (Jul 26)
- Re: DNS spoofing issue. Thoughts on Paul Schmehl (Jul 26)
- Message not available
- Re: DNS spoofing issue. Thoughts on n3td3v (Jul 26)
- Re: [inbox] Re: DNS spoofing issue. Thoughts on Exibar (Jul 26)
- Re: DNS spoofing issue. Thoughts on n3td3v (Jul 26)
- <Possible follow-ups>
- Re: DNS spoofing issue. Thoughts on Paul Szabo (Jul 26)
- Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks (Jul 26)
- Re: DNS spoofing issue. Thoughts on Glenn.Everhart (Jul 27)
- Re: DNS spoofing issue. Thoughts on Valdis . Kletnieks (Jul 30)
- Re: DNS spoofing issue. Thoughts on John D. Reason (Jul 27)