Archives
07.2006
08.2006
09.2006
10.2006
11.2006
02.2007
04.2007
07.2007
03.2008


Powered by Blogger

15 February 2007
  Drive-by Pharming
With Symantec, Markus and I have developed an attack called "Drive-by Pharming" to which many people with home broadband routers are vulnerable.

In short: visiting a web page can cause malicious JavaScript to execute, changing the DNS settings on your broadband router. As a result, you cannot trust domain name resolution on a compromised router. The Solution is to set a hard-to-guess administrator password for your router.

Link to my blog post
Link to Zully's Blog Post (Symantec)
Link to the Press Release