Davis secret geek a team hacks back def ends wo

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: ld redirect yo u to impo sto r Web sites that lo o k like a bank o r e-co mmerce retailer but are really set up to harvest passwo rds and credit card data. This exact scenario played o ut when the DNS o f NET Virtua, a Brazilian Internet service pro vider, was hacked via a technique called DNS cache po iso ning. Cache po iso ning explo its a ho le in DNS so f tware, redirecting users to sites they didn’t request. The Brazilian DNS hack redirected NET Virtua users wishing to visit the Brazilian bank Bradesco to f raudulent Web sites that attempted to steal passwo rds and install malware. The hack impacted abo ut 1 percent o f the bank’s custo mers bef o re the attack was disco vered.D. Go din, “Cache-P o iso ning Attack Snares To p Brazilian Bank,” The Register, April 22, 2009. The explo it sho wed the impo rtance o f paying attentio n to security updates. A f ew mo nths earlier, a gro up that Wired magazine ref erred to as “A Secret Geek A-Team”J. Davis, “Secret Geek A-Team Hacks Back, Def ends Wo rldwide Web,” Wired, No v. 24, 2008. had develo ped a so f tware update that wo uld have prevented the DNS po iso ning explo it used against NET Virtua, but administrato rs at the Brazilian Internet service pro vider f ailed to update their so f tware so the hackers go t in. An additio nal upgrade to a DNS system, kno wn as DNSSEC (do main name service security extensio ns), pro mises to f urther limit the likeliho o d o f cache po iso ning, but it may take years f o r the new standards to be ro lled o ut everywhere.J. Hutchinso n, “ICANN, Verisign P lace Last P uzzle P ieces in DNSSEC Saga,” Netw o rkWo rld, May 2, 2010. K E Y TAK E AWAYS The I nternet is a network of networks. I nternet service providers connect with one another to share traffic, enabling any I nternet‐connected device to communicate with any other. URLs may list the application protocol, host name, domain name, path name, and file name, in that order. Path and file names are case sensitive. A domain name represents an organiz ation. Hosts are public services offered by that organiz a...
View Full Document

This document was uploaded on 01/31/2014.

Ask a homework question - tutors are online