Re: DNS flaw.. in http://www.dslreports.com/forum/r20844084 en Tue, 01 Dec 2009 02:42:13 EDT Tue, 01 Dec 2009 02:42:13 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20846392 Done_Posting :
said by Sodium See Profile :

Am I the only person that gets the reference to the Underpants Gnomes?
Nope! It's pretty tough to miss it, if you're "in the know"... :)

- Tate

--
Happiness is an OC-768 in your basement...]]> http://www.dslreports.com/forum/remark,20846392 Fri, 25 Jul 2008 08:06:35 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20846137 insomniac84 :
said by baineschile1 :

never understood people that shopped online with stolen credit card numbers. if i buy a plasma...dont i have to have it "shipped somewhere"?
People will ship to other addresses and attempt to intercept the package. It happened to my grandma. She got a package with what she refers to as computer thing. Calls the shipper and the company and neither cared it wasn't hers and she didn't pay for it. (Maybe the companies all assumed it must have been a gift because no one reported fraud?) But a few days later some kid comes to her door and says he heard she got a package. She knowing there was no way this was possible, she told him he could have it if he calls UPS and get them to authorize her to give it to him. She never saw him again and after a few months (in case someone did want it back) she told me about it. It was a mediocre video card and I think I ended up putting in an aunt's computer.]]> http://www.dslreports.com/forum/remark,20846137 Fri, 25 Jul 2008 04:09:12 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20845740 Sodium : Am I the only person that gets the reference to the Underpants Gnomes?]]> http://www.dslreports.com/forum/remark,20845740 Fri, 25 Jul 2008 00:30:43 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20845212 dvd536 :
said by ISurfTooMuch See Profile :

Ah, but I can complete that for you.

step 1 - alter dns records
step 2 - redirect users from legit commerce and banking sites to lookalike phishing sites
step 3 - grab credit card numbers and usernames/passwords
step 4 - shop with stolen cards, sell stolen card numbers, and drain bank accounts
step 5 - profit
step 4.5 - sell booty on ebay.
--
When I gez aju zavateh na nalechoo more new yonooz tonigh molinigh - Ken Lee]]> http://www.dslreports.com/forum/remark,20845212 Thu, 24 Jul 2008 22:12:29 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20845010 haze_nme : You can get away with using stolen card numbers for intangible things like memberships to sites, or for purchasing more domain names/hosts.]]> http://www.dslreports.com/forum/remark,20845010 Thu, 24 Jul 2008 21:30:58 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20844422 morbo :
said by baineschile1 :

never understood people that shopped online with stolen credit card numbers. if i buy a plasma...dont i have to have it "shipped somewhere"?
there's no real enforcement out there for these smallish crimes. local police won't touch it and credit card companies prefer to write it off, as long as it's not too much.

the lawyers and effort would cost them more than it's worth.

sad but true.]]> http://www.dslreports.com/forum/remark,20844422 Thu, 24 Jul 2008 19:39:17 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20844165 ISurfTooMuch : You'd think that would be a deterrant, but people seem to still get away with it. And I'd imagine many stolen card numbers would be printed on counterfeit cards and used overseas. I doubt a shop in Moscow or Shanghai is going to care too much if a card is stolen as long as the transaction is approved. The shop owner is going to sell the goods for a profit, and they can always deny they knew the card was stolen if they're asked about it.

Still, I think the big money would be in selling the numbers. The seller gets their money, and the buyers use the cards until they're canceled.]]> http://www.dslreports.com/forum/remark,20844165 Thu, 24 Jul 2008 18:36:58 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20844109 ISurfTooMuch : It doesn't happen if the ISPs take heed and patch their DNS servers. If you read the article, you'd see that many have yet to do so.

Issuing warnings is great, but warnings don't fix the problem. Acting on those warnings does, and many ISPs seem to be asleep at the switch.]]> http://www.dslreports.com/forum/remark,20844109 Thu, 24 Jul 2008 18:28:22 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20844084 anon : never understood people that shopped online with stolen credit card numbers. if i buy a plasma...dont i have to have it "shipped somewhere"?]]> http://www.dslreports.com/forum/remark,20844084 Thu, 24 Jul 2008 18:24:04 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20844074 Cabal : It doesn't happen thanks to a massive, 80+ vendor coordinated patch to DNS services, including every major ISP on the planet. Way to be naive, though.

»With DNS Flaw Now Public, Attack Code Imminent

»Poor NAT design leaves some patched DNS servers vulnerable

»DNS Critical Flaw Explained?

»Internet flaw could let hackers take over the Web
--
Interested in open source engine management for your Subaru?]]> http://www.dslreports.com/forum/remark,20844074 Thu, 24 Jul 2008 18:22:12 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20843894 ISurfTooMuch : Ah, but I can complete that for you.

step 1 - alter dns records
step 2 - redirect users from legit commerce and banking sites to lookalike phishing sites
step 3 - grab credit card numbers and usernames/passwords
step 4 - shop with stolen cards, sell stolen card numbers, and drain bank accounts
step 5 - profit]]> http://www.dslreports.com/forum/remark,20843894 Thu, 24 Jul 2008 17:52:22 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20843870 mworks :
said by insomniac84 See Profile :

We will see it a lot only because:
step 1 - alter dns records
step 2 - ?????
step 3 - profit
Alter a site like bank of america, grab login info for just 5 minutes and walk away with thousands .]]> http://www.dslreports.com/forum/remark,20843870 Thu, 24 Jul 2008 17:49:03 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20843852 insomniac84 : We will see it a lot only because:
step 1 - alter dns records
step 2 - ?????
step 3 - profit]]> http://www.dslreports.com/forum/remark,20843852 Thu, 24 Jul 2008 17:46:48 EDT Re: DNS flaw.. http://www.dslreports.com/forum/remark,20843795 ISurfTooMuch : And this is the same attitude that keeps many users from cleaning the viruses, worms, and trojans off their machines.

If this exploit turns out to be as easy as it's reported to be, you're going to see it used a lot. The Internet won't fail, but a lot of folks are going to get scammed. If you don't think it will happen, check your spam folder and see all the phishing attempts out there. Right now, if you're a careful user and don't get infected, you can be reasonably safe. If this DNS exploit is used, you won't be able to trust any site you're visiting as being legit.]]> http://www.dslreports.com/forum/remark,20843795 Thu, 24 Jul 2008 17:36:07 EDT DNS flaw.. http://www.dslreports.com/forum/remark,20843754 ztmike : All these "experts" keep putting out that there's security flaws, yet nothing ever happens..

OmGz teh interwebs is going to FaIL!!!1!1 ...

Hasn't happened and until it does, I'll keep yawning.
--
WhY sO SeRiOUs!?]]> http://www.dslreports.com/forum/remark,20843754 Thu, 24 Jul 2008 17:28:46 EDT