View Single Post
alcimedes
I shot the sherrif.
 
Join Date: May 2004
Send a message via ICQ to alcimedes  
2009-12-03, 17:59

Quote:
Originally Posted by Banana View Post
Hmm. But how? I'm picturing that my ISP server is the first point of contact- it's all what my network knows about- it has to go to the gateway address of the ISP which would then hop to ISP's DNS server (assuming we're using the default here rather than defining OpenDNS). Therefore, they'd have to hijack ISP's gateway and that's pretty far more severe breach than if they were sniffing my packets on a random route to say, Google's server?
In that case someone else just has to be on your local ISP's network and they can spoof the DNS server (if they're smart) and get your machine to request packets from them.

See the various Defcon hacks for real life examples of it happening in a very short amount of time. (IIRC one of the hackers replaced all image requests with goatse)

Google is your frenemy.
Caveat Emptor - Latin for tough titty
I tend to interpret things in the way that's most hilarious to me
  quote