funsec mailing list archives
RE: Sunbelt: Anatomy of a Malicious Host File Hijack
From: "Todd Towles" <toddtowles () brookshires com>
Date: Thu, 12 Jan 2006 09:21:12 -0600
Fergie wrote:
http://sunbeltblog.blogspot.com/2006/01/anatomy-of-malicious-host-file-hijack.html

I wanted to put this out on the table for everyone; I would enjoy your input.

Most of the time, I set my HOSTS file to read-only in Windows XP. I understand this is a very simple thing to do and it could be easily bypassed, however...are these trojans and major host file hijacks so focused on the default setups that a simple customization could throw them off??

Also, I have a couple of other ideas for this "Security thru Customization" idea. I look at it like I do "Security Thru Obscurity". Customization by itself is not a security measure, but when used in a defense in depth idea, it can be very helpful.

One example. Around a month ago, a friend and I ran into a very tricky PayPal phishing site. It was using one of those pretty advanced IE Toolbar tricks. We ended up reporting over 20 exposed CC/PayPal accounts. The trick was very clear to me because it moved my address bar down to the "default" space. I normally move my toolbar up on the same line as the "File, Edit, View, etc.". I know this is very simple and shouldn't be looked at as a security countermeasure, but it does have its uses.

Can anyone think of another "Security thru Customization" event that has happened to help them notice something wrong...or that something was fake?? I would like to get some stuff together and write up a blog entry.

Thanks in advance.

-Todd

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.