[dns-operations] Massive DNS poisoning attacks in Brazil
Stephane Bortzmeyer
bortzmeyer at nic.fr
Tue Oct 2 09:49:35 UTC 2012
On Mon, Nov 07, 2011 at 02:01:14PM +0100,
Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote
a message of 17 lines which said:
> http://www.securelist.com/en/blog/208193214/Massive_DNS_poisoning_attacks_in_Brazil
>
> A long article about "DNS poisoning" without even a dig output, bad.
>
> One sentence at the end seems to indicate it has nothing to do with
> DNS poisoning but that the cracker was able to hijack the router (in
> which cas all your bets are off).
Much better and very detailed analysis (by the same author!) So, it
was not DNS poisoning at all but a change in the DNS settings of the
router, after the box was cracked. (DNSchanger-style)
http://www.securelist.com/en/blog/208193852/The_tale_of_one_thousand_and_one_DSL_modems
More information about the dns-operations
mailing list