Re: DNS Attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora <fedora-list@xxxxxxxxxx>
Subject: Re: DNS Attacks
From: Björn Persson <listor3.rombobeorn@xxxxxxxxxx>
Date: Sat, 26 Jul 2008 14:00:12 +0200
In-reply-to: <488A1C5A.2010900@xxxxxxxxx>
References: <301401c8ee78$4b1a7350$0301a8c0@xxxxxxxxx> <200807252013.10435.listor3.rombobeorn@xxxxxxxxxx> <488A1C5A.2010900@xxxxxxxxx>
Reply-to: For users of Fedora <fedora-list@xxxxxxxxxx>
User-agent: KMail/1.9.9

Les Mikesell wrote:
> You aren't paranoid enough.  What if the spoofer is also a system
> administrator at the bank with access to a copy of the real certificate
> that he installs on the machine he's tricked your dns into reaching -
> with the expected name that you'll still see.

Then the bank has failed to protect its secret key. I expect banks to have 
rigorous security routines to control who can access sensitive systems, and 
to be able to check afterwards who did what.

Could you elaborate on how whois guards against malicious system 
administrators? Do you think security could be improved by having browsers 
and other programs make whois queries automatically?

Björn Persson

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Follow-Ups:
- Re: DNS Attacks
  - From: Mikkel L. Ellertson

References:
- RE: DNS Attacks
  - From: bruce
- Re: DNS Attacks
  - From: Björn Persson
- Re: DNS Attacks
  - From: Les Mikesell

Prev by Date: Re: SElinux concerning symlink? mail
Next by Date: Re: a long rebuttal to the Linux-is-the-engine fallacy
Previous by thread: Re: DNS Attacks
Next by thread: Re: DNS Attacks
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux