SecurityFocus

RE: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 13 2006 07:01PM
Derek Soeder (dsoeder eeye com) (1 replies)

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 15 2006 06:39PM
Thor (Hammer of God) (thor hammerofgod com) (3 replies)

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 17 2006 11:06PM
Ansgar -59cobalt- Wiechers (bugtraq planetcobalt net)

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 17 2006 08:49PM
Paul Wouters (paul xtdnet nl)

On Sat, 15 Apr 2006, Thor (Hammer of God) wrote:

> It's a simple method to bypass malicious host file modification. Probably
> in response to malware like MyDoom, which specifically altered the hosts
> file to keep clients from accessing AV sites ( go.microsoft.com was also
> specifically included in MyDoom as well.)

Sure. And instead of everyone whining about this, they should prepare
their DNSSEC setup so microsoft can secure their zone and can rely on
the resolver to use DNSSEC to prevent these types of malware traps.

Paul

[ reply ]

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 17 2006 05:09PM
Geo. (geoincidents nls net) (1 replies)

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 20 2006 03:54AM
Thor (Hammer of God) (thor hammerofgod com) (1 replies)

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 20 2006 12:18PM
Geo. (geoincidents nls net) (1 replies)

Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotagedhosts-file lookup Apr 24 2006 04:15PM
Thor (Hammer of God) (thor hammerofgod com)