DNS-Based Phishing Attacks on The Rise
March 8, 2005
By Sean Michael Kerner

Phishing fraudsters are using a pair of DNS exploits to give themselves the illusion of credible domains, the latest ploy to dupe people into handing over their sensitive information.

According to research firm Netcraft, phishers have begun to use wildcard DNS records to help trick unsuspecting users into giving up information about their identity.

Wildcard DNS helps users arrive at their intended Web destination by redirecting mistyped or errant addresses. But wildcard DNS has been used against Barclays Bank in the U.K., with e-mail using an additional sequence of characters that ultimately leads the user to a phisher's site.

A similar type of attack vector specific to Microsoft Internet Explorer was reported last month by security researcher Bitlance Winter. In that attack, an identifiable URL also has a string of characters or additional domain information added that directs a user to a different address than the one they see in the visible toolbar.

Another technique, known as DNS cache poisoning, is also being used by phishers in an attack now known as "pharming," in which a poisoned DNS server redirects users to the phisher's Web site. The "poison" is essentially false DNS information that is injected into a vulnerable DNS server.

According to Netcraft, an attack this past Saturday exploited a known vulnerability in Symantec's firewall product. The firewall vulnerability had not been patched by Symantec last year. The Saturday attack redirected user requests from eBay, Google and weather.com to a trio of phisher-directed sites.

Dave Jevans, chairman of the Anti-Phishing Working Group, told internetnews.com that he has seen an increase in Wildcard DNS and DNS pharming attacks with several new ones this year targeting North American institutions.

"UK has seen an increase since December 2004," Jevans said. "Some of these attempt to implement man-in-the-middle attacks too."

DNS itself has been the subject of proposed enhancements such as DNSsec that are meant to guarantee better security for users. DNSsec is short for DNS Security Extensions, which are intended to add integrity and authentication checks to DNS data.

"DNS-sec has been in the works for some time, but not really rolled out except maybe at the Verisign root. Recent events are going to spur something here, I think," Jevans said.

DNSsec, however, won't necessarily stop all pharming activity.

"Most pharming is using DNS poisoning at the personal PC level (eg. add entries to the local hosts file). Fixing DNS servers won't prevent this," Jevans explained. "Mutual authentication (possibly two-factor) would be a big help, however."

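The hosts-file pharming Jevans describes can be checked for on an endpoint by auditing the file for entries that pin a well-known site to a routable address. The following is an added example, not part of the original article; the watchlist and the sample hosts content are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file; 203.0.113.0/24 is a documentation-only range.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1       localhost
::1             localhost ip6-localhost
127.0.1.1       workstation01
0.0.0.0         ads.example.net        # sinkhole-style block entry
203.0.113.45    www.ebay.com ebay.com  # override of a public site
203.0.113.46    WWW.GOOGLE.COM
10.0.0.12       intranet.corp.example
"""

# Hypothetical watchlist: names that should only ever be resolved through DNS.
WATCHLIST = ("ebay.com", "google.com", "weather.com")


def parse_hosts(text):
    """Yield (line_no, ip, [hostnames]) for each usable entry, skipping comments."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address, not a usable entry
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]


def on_watchlist(host):
    """Match the watched domain itself or any subdomain, not lookalike suffixes."""
    return any(host == d or host.endswith("." + d) for d in WATCHLIST)


def audit_hosts(text):
    """Return (line_no, hostname, ip) for watched names pinned to a non-local address."""
    findings = []
    for line_no, ip, names in parse_hosts(text):
        if ip.is_loopback or ip.is_unspecified:
            continue  # these entries block a name rather than redirect it elsewhere
        findings.extend((line_no, n, str(ip)) for n in names if on_watchlist(n))
    return findings


if __name__ == "__main__":
    for line_no, name, ip in audit_hosts(SAMPLE_HOSTS):
        print(f"line {line_no}: {name} pinned to {ip}")
```

To audit a real machine, pass the contents of its hosts file to `audit_hosts` and compare the result against a known-good baseline.
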
The APWG recently reported that phishing attacks rose by 42 percent from December 2004 to January 2005.

Article courtesy of internetnews.com
