| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Re: Windows weakness can lead to network traffic hijacks |
From: Mike N. On Mon, 26 Mar 2007 07:58:12 -0400, mike wrote: >Still, the proxy problem isn't a critical security issue, Paget and >fellow IOActive security expert Dan Kaminsky said. An attack is possible >only with access to the target network, not from the Internet, they >noted. "The biggest risk inside a corporation would come from a >malicious insider," Paget said. "This is not worthy of mass panic or >critical advisories." He's downplaying things .. it's relatively easy for intruders to get behind the firewall with web- and email- based malware. Once they set up shop inside, they have all they need for this attack. Admins have to be aware of the non-obvious step below. >In its support article, Microsoft lists steps for network administrators >to address the WPAD problem. The steps reserve static WPAD DNS host >names and to reserve WPAD WINS name records. As a result, an attacker's >malicious WPAD name will no longer work, which will foil the malicious >proxy trick, Paget said. --- BBBS/NT v4.01 Flag-5* Origin: Barktopia BBS Site http://HarborWebs.com:8081 (1:379/45) SEEN-BY: 633/267 @PATH: 379/45 1 633/267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.