First Phishing - Now Pharming

Printable View

April 11th, 2005, 12:38 PM
Und3ertak3r

First Phishing - Now Pharming

Found this here:
http://savemybutt.com/forum/viewtopic.php?p=6861

Quote:

Pharming
http://www.answers.com/main/ntquery;...lc01a&method=6

Pharming is the exploitation of a vulnerability in the DNS server software that allows a hacker to acquire the Domain Name for a site, and to redirect traffic to that website to another website. DNS servers are the giant computers that "run" the Internet.

If the website receiving the traffic is a fake website, such as a copy of a bank's website, it can be used to "Phish" or steal a computer user's passwords, PIN number or account number.

For example, in January, 2005, the Domain Name for a large New York ISP, Panix, was hijacked to a site in Australia. In 2004 a German teenager hijacked the eBay.de Domain Name.

so it would appear that, unless it is a man in the middle trick and the IP is Hyjacked, you best security is to store the IP of the important sites in your bookmarks, rather than the url..

thoughts on this subject..
April 11th, 2005, 12:50 PM
MrLinus

A couple of other threads that discuss the same topic FYI:

http://www.antionline.com/showthread...hreadid=267231

http://www.antionline.com/showthread...hreadid=267420

I think if this becomes widespread we'll see a return of issues that became apparent when DNS poisoning was huge (mid 90s). I know of at least one company (travel agency) that went bankrupt as a result of a DNS poison. It wouldn't be that far of a stretch, IMO, for larger business to have similar instance (e.g., larger loss of business, etc.)

Quote:

so it would appear that, unless it is a man in the middle trick and the IP is Hyjacked, you best security is to store the IP of the important sites in your bookmarks, rather than the url..

Sounds like the concept of a hosts file, eh? :D The questions are: 1. how do we convince Joe Blow user to use this (because they will be affected the most) 2. how do we know the IP address is correct if it's already been "pharmed"?
April 21st, 2005, 12:38 PM
slarty

Funny, I always thought Pharming was a process for making drugs using genetically modified animals.

(From pharmaceutical and farming)

Slarty