[olug] arp poisioning

Rob Townley rob.townley at gmail.com
Wed Jul 7 02:59:49 UTC 2010


excellent point.
Last year, there were updates to all dns services (except maybe dbdns)
and there are probably plenty of ISP's that did not update.

But even if your provider's DNS is updated, your firewall or SOHO
router may still make your network vulnerable to the same attack.

On 7/6/10, Jason Troy <jason.troy at gmail.com> wrote:
> Jesse,
>
> Be careful about asking how to kill or wipe things from a system, last time
> it digressed and people were suggesting thermite. :)
> First isolate the pattern or cause, then worry about the fix.
> Obviously once you find the issue, you will want to remove it.
> That brings me to the next question, who is your dns provider? There are
> still some who have not updated dns and will start misbehaving until
> rebooted or the cache is cleared.
> Take a look for more info on that here https://www.grc.com/dns/dns.htm  The
> site may also provide some insight on what services or ports you have
> exposed.
> HTH  --JT
>
> On Jul 6, 2010 6:49 PM, "jesse moseman" <jmoseman01 at gmail.com> wrote:
>
> how would you get rid of DNS or /etc/hosts altering trojans.  I'm pretty
> sure i checked the host file and nothing fishy was there.
>
>
> On Tue, Jul 6, 2010 at 2:57 PM, Phil Brutsche <phil at brutsche.us> wrote:
>
>> It's also not unheard of...
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> https://lists.olug.org/mailman/listinfo/olug
>



More information about the OLUG mailing list