This is a discussion on RE: Pimping DNSSEC (was Re: DNSSEC - Signature Only vs the MX/A issue.) - DNS ; > From: Danny Mayer [mailto:firstname.lastname@example.org]=20 > I suspect that we will see demand for DNSSEC the first time=20 > that a bank sees a poisoning attack and their customers get=20 > redirected to a fake site and their accounts drained ...
> From: Danny Mayer [mailto:email@example.com]=20
> I suspect that we will see demand for DNSSEC the first time=20
> that a bank sees a poisoning attack and their customers get=20
> redirected to a fake site and their accounts drained as a=20
> result. Phishing attacks can be alleviated since you can tell=20
> technologically that the site is not what it claims. Their=20
> customers will demand it, the bank will be afraid not to do=20
> it, the insurance companies make it a condition of coverage=20
> of losses, etc. Then of course the military have a need for=20
> it. Of course that still leaves the issue of validating=20
> resolvers being not being widely deployed (okay, so only a=20
> handful of people have deployed them).
This attack is happening but not quite in this way.
A spoofing attack only affects a local area. Seems that the use being =
made by the perpetrators of DNS spoofing is to drive folk to fake =
versions of CNN etc. and try to load a trojan onto their machine.
A stolen CC number is worth less than a dollar. Downloading the trojan =
has a higher success rate and pays out rather more.=20
The trojan could be a keystroke logger, a redialer or just recruit as a =
to unsubscribe send a message to firstname.lastname@example.org with
the word 'unsubscribe' in a single line as the message text body.