If I understand correctly the hacker must be positioned on your immediate network or within the direct route from your workstation to the DNS server you are accessing. Isn't that right?
Isn't the scenario shown time-dependent? Someone would have to automate the process, as a client may go to get a requested DNS entry.
I would really appreciate it if someone could explain how this hack might be done if the hacker is not on the same LAN and does not exist within the IP route between, in this case, yahoo.com and some host on a NAT LAN somewhere.
Here is the video. I would sure appreciate it if someone could explain this video:
http://www.youtube.com/watch?v=Aak6-B3JORE
The very thought of DNS being subverted like that makes me sick. Very smart minds came up with SSL and it seems they were not smart enough given this video, but I suspect it's limited to the hacker having access to a machine on the LAN of the intended target?
Still, someone out there can probably explain this video better than the author of the video did.
Can this technique also be used for SSH as well?
And then how do you guard against this practice?