On Wed, Jun 08, 2005 at 11:36:29 +0800, Lai Zit Seng <lzs@xxxxxxxxx> wrote:
> On Tue, 7 Jun 2005, Scot L. Harris wrote:
>
> >On Tue, 2005-06-07 at 19:34, Lai Zit Seng wrote:
> >>
> >>In practice, there are many ways to do this, so it's actually not terribly
> >>difficult. E.g. one could subvert the DNS so that the client
> >>unwittingly connects to the wrong server.
> >
> >Agreed there are several different ways to attempt a man in the middle
> >attack. None of them are what I would call easy to do. :)
>
> Actually... sure it may not be "trivial", but at the same time it is not
> all that difficult.

Unless the person is using a broken resolver (which allows for cache
poisoning attacks to work) this isn't going to be easy. You either need to
be able to intercept their network traffic and perform a MitM attack (which
corrupting DNS was proposed to be easier than) or do blind spoofing, which
is generally going to have a very small chance of working (smaller with
some resolvers than others) and will leave a signature if you try to flood
lots of guesses and/or do anything to the real DNS server to prevent it
from sending legit packets.
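The "signature" the last reply mentions is what a resolver operator can watch for: a flood of responses whose transaction ID, port or question matches nothing in flight. The script below is an added example, not part of the thread; the in-flight queries, responder IPs and window/threshold values are all constructed for illustration.

```python
from collections import defaultdict, deque

# Constructed sample data (not from the thread): queries the resolver currently
# has in flight, keyed by (qname, source port, transaction id).
OUTSTANDING = {
    ("www.example.com", 53021, 0x1A2B),
    ("mail.example.com", 53022, 0x7C11),
}

# Constructed responses arriving at the resolver:
# (seconds, responder ip, destination port, txid, qname)
RESPONSES = [
    (0.00, "198.51.100.5", 53021, 0x1A2B, "www.example.com"),  # legitimate
    (0.02, "203.0.113.9", 53021, 0x0001, "www.example.com"),   # guessed txids...
    (0.03, "203.0.113.9", 53021, 0x0002, "www.example.com"),
    (0.04, "203.0.113.9", 53021, 0x0003, "www.example.com"),
    (0.05, "203.0.113.9", 53021, 0x0004, "www.example.com"),
    (0.06, "203.0.113.9", 53021, 0x0005, "www.example.com"),
    (0.07, "203.0.113.9", 53021, 0x0006, "www.example.com"),
    (0.50, "198.51.100.7", 53022, 0x7C11, "mail.example.com"),  # legitimate
    (9.00, "198.51.100.5", 53021, 0x9999, "www.example.com"),   # lone stray, benign
]

def is_matched(resp, outstanding):
    """A response is accepted only if qname, port and txid all match a query in flight."""
    _, _, port, txid, qname = resp
    return (qname, port, txid) in outstanding

def spoof_burst_counts(responses, outstanding, window=1.0):
    """Per responder IP, the largest number of unmatched responses seen inside
    any sliding window of `window` seconds. A high count is the signature a
    flood of guessed transaction IDs leaves; a single stray stays at 1."""
    recent = defaultdict(deque)
    peak = defaultdict(int)
    for resp in sorted(responses):          # process in time order
        if is_matched(resp, outstanding):
            continue
        t, ip = resp[0], resp[1]
        q = recent[ip]
        q.append(t)
        while q and t - q[0] > window:      # drop timestamps outside the window
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return dict(peak)

def flag_spoofers(responses, outstanding, window=1.0, threshold=5):
    """Responder IPs whose unmatched-response burst reaches the threshold."""
    counts = spoof_burst_counts(responses, outstanding, window)
    return sorted(ip for ip, n in counts.items() if n >= threshold)
```

Source-port randomisation widens the space a guesser has to cover, so the same check catches an even larger burst on a resolver that randomises ports than on one that does not.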