funsec mailing list archives
Re: Don' see no "security expert's" round here ...
From: Dan Kaminsky <dan () doxpara com>
Date: Thu, 2 Jul 2009 08:33:43 -0700
Oddly, this is a win for DNS. If there's a crappy registrar out there, you can abandon them and no longer be exposed to their risk. With the SSL CA's, you have no choice; they all have the ability to issue certs for all names. On Jul 2, 2009, at 9:18 AM, "Rob, grandpa of Ryan, Trevor, Devon & Hannah" <rMslade () shaw ca> wrote:
Mitnick site targeted in DNS attack A Web site belonging to a "security expert" was compromised after hackers managed to access a domain name server maintained by the site’s Web host and redirect visitors to pages that displayed pornographic images. It was the second time in the past few years that a security lapse at hostedhere.net has allowed hackers to redirect the site, the "security expert" told The Register. At time of writing, domain name system records for Mitnick Security have been restored, but some users continue to see the fraudulent Web site because many DNS caches still show the incorrect information. The "security expert" whined that, “My site was redirected.” The attackers never gained access to the server hostin g the "security expert’s" site, and in any event, the "security expert" gave the usu al excuse that the site did not contain customer lists or other sensitive information. http://www.theregister.co.uk/2009/06/29/mitnick_website_targeted/ ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org Why do so many of America's young schoolchildren kill each other? We asked Charlton Heston! http://victoria.tc.ca/techrev/rms.htm http://blog.isc2.org/isc2_blog/slade/index.html http://twitter.com/rslade http://blogs.securiteam.com/index.php/archives/author/p1/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Don' see no "security expert's" round here ... Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 02)
- Re: Don' see no "security expert's" round here ... Dan Kaminsky (Jul 02)
- Re: Don' see no "security expert's" round here ... David Harley (Jul 02)
- <Possible follow-ups>
- Re: Don' see no "security expert's" round here ... Robert Graham (Jul 02)
- Re: Don' see no "security expert's" round here ... Chaim Rieger (Jul 02)
- Re: Don' see no "security expert's" round here ... Blue Boar (Jul 02)
- Re: Don' see no "security expert's" round here ... Gadi Evron (Jul 02)