[LINK] PayPal phishing scam - is this a domain hijack

Rick Welykochy rick at praxis.com.au
Fri Jan 19 16:03:06 AEDT 2007


Eric Scheid wrote:

> On 19/1/07 1:13 PM, "Rick Welykochy" <rick at praxis.com.au> wrote:
> 
> 
>>For example, my own domain name is praxis.com.au. Is it easy for someone
>>to use westpac-security.login.validation.praxis.com.au as a valid
>>domain and get that into the DNS somehow? I would imagine that would
>>require some (illegal) hacking of zone files.
> 
> 
> http://en.wikipedia.org/wiki/DNS_cache_poisoning

Thanks for that one, Eric. Fery interesting.

Can I assume that if a DNS cache poisoning attempt was successful
with, say, online.westpac.com.au, I could without my knowledge log into
a rogue machine thinking I am logging on to https://online.westpac.com.au,
provide my login details and be phished without my knowledge?

If the asnwer is yes, it is certainly a frightful situation. The Wikipedia
article did not go to any lengths to assure me that this sort of thing
cannot happen :(

cheers
rickw




-- 
_________________________________
Rick Welykochy || Praxis Services

The 7 R's of Windows support: retry, restart, reboot, reconfigure,
reinstall, reformat and finally, replace with Linux.



More information about the Link mailing list