Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [NGSEC] AntiPharming v1.00 FREE
From: Joel Esler (eslerjgmail.com)
Date: Tue Jun 14 2005 - 16:19:57 CDT
" * Denying any user (even Administrator) to write to the hosts file.
* Denying any user (even Administrator) to change your DNS settings."
Then who is going to modify the settings?
> On 6/14/05, lists NGSEC <listsngsec.com> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > Hello,
> > NGSEC is proud to announce the new release of our new product
> > AntiPharming v1.00  TOTALLY FREE for non-commercial use.
> > What is Pharming?
> > "(...)Pharming is the exploitation of a vulnerability in the DNS
> > server software that allows a hacker to acquire the Domain Name
> > for a site, and to redirect traffic to that web site to another
> > web site. DNS servers are the machines responsible for resolving
> > internet names into their real addresses - the "signposts" of the
> > internet.
> > If the web site receiving the traffic is a fake web site, such
> > as a copy of a bank's website, it can be used to "phish" or steal
> > a computer user's passwords, PIN number or account number.
> > AntiPharming Configuration For example, in January, 2005, the Domain
> > Name for a large New York ISP, Panix, was hijacked to a site in
> > Australia. In 2004 a German teenager hijacked the eBay.de Domain Name.
> > Secure e-mail provider Hushmail was also caught by this attack on
> > 24th of April 2005 when the attacker rang up the domain registrar
> > and gained enough information to redirect users to a defaced
> > webpage(...)" (Source WikiPedia).
> > What is AntiPharming?
> > AntiPharming uses active and passive protections for identifying and
> > stopping Pharming (Phising variant) attacks.
> > AntiPharming will actively protect your windows server from pharming
> > attacks by:
> > * Denying any user (even Administrator) to write to the hosts file.
> > * Denying any user (even Administrator) to change your DNS settings.
> > AntiPharming will passively protect your windows server from pharming
> > attacks by sniffing on each netowrk interface for DNS replies (both
> > TCP and UDP) and recheck them against at least with three secure DNS
> > nameservers.
> > AntiPharming is TOTALLY FREE for non-commercial use.
> > This e-mail has been signed with labsNGSEC PGP key available at:
> > http://www.ngsec.com/pgp/labs.asc
> >  http://www.ngsec.com/ngproducts/antipharming/
> > Best Regards,
> > - ---
> > NEXT GENERATION SECURITY, S.L. [NGSEC]
> > C\ O'donnell 46, 3º B
> > 28009 - Madrid, SPAIN
> > Tel: +34 91 435 56 27
> > Fax: +34 91 577 84 45
> > http://www.ngsec.com
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.1 (GNU/Linux)
> > iD8DBQFCrrwBKrwoKcQl8Y4RAsO5AJwIJ1Ngm38IT0JCujagcAz4oWgUUwCgl0Lv
> > vWvO9R/kd5Skb/vzeER7kls=
> > =XCYN
> > -----END PGP SIGNATURE-----