I haven't seen the original paper, but this article claims that researchers at Google and Georgia Institute of Technology estimate that there are 68,000 rogue DNS servers on the net.
Use of Rogue DNS Servers on Rise
Rogue DNS is one of the services provided by the zillions of malware, virus, worm, and rootkit infested zombie PC systems on the internet at any given time. The interesting part of this trick is that zombie PC systems might get "cleaned up" after an infestation has been detected, but their DNS configuration might (OK, probably does in nearly every case) remain pointing to a rogue DNS server, which occasionally, but not always, provides fraudulent data back to requesting clients. This is yet another reason why infested PC systems must be re-installed from clean original media whenever possible, in case you didn't have enough reasons already.
The paper:
Corrupted DNS Resolution Paths: The Rise of a Malicious Resolution Authority
David Dagon, Chris Lee, Wenke Lee - Georgia Institute of Technology; Niels Provos - Google Inc.
was presented today at the annual Network and IT Systems Symposium: NDSS 2008.
Better get cracking on DNSSec.
DNSSEC - DNS Security Extensions
If you have used a Visa card to make a purchase online lately you may have encountered a relatively new program, Verified by Visa . I've encountered it twice. The system is an interesting attempt by Visa to reduce online fraud and identity theft. It's a noble effort, but the user experience is unsettling, and the security implications are not exactly crystal clear. Here's what happened to me, both times the Verified by Visa system was activated. I was redirected away from the domain at which I was shopping, to a URL which was: not the domain where I was shopping, not the domain of the bank that issued my card not visa.com I've been telling people for years that if anything like that happens to you, close your web browser immediately and do not under any circumstances enter any personal information into the form, because this is a sure sign of a man in the middle or phishing scam. (Never mind that all the best phishing scams now-a-days look like the actual dom...
Comments