security
Alaric Dailey
alaricdailey at hotmail.com
Wed Oct 25 04:04:24 UTC 2006
I am not talking about necessarily effecting the user directly.
I am talking about something that is becoming more and more common, blended
attacks.
Poison the DNS for users and you can grab logins.
Poison the DNS for an RP and you can feed them bad data.
-----Original Message-----
From: general-bounces at openid.net [mailto:general-bounces at openid.net] On
Behalf Of Dan Lyke
Sent: Tuesday, October 24, 2006 10:13 PM
To: general at openid.net
Subject: Re: security
On Tue, 24 Oct 2006 19:16:43 -0700, Alaric Dailey wrote:
> DNS poisoning generally happens against a specific domain, to
> downstream routers, especially windows DNS server, by poisoning the
> cache (much easier to do, not to mention harder to detect) rather than
> modifying the root DNS.
Right. So when we're talking about a DNS exploit, we're talking about
something that's unlikely to affect both the Relying Party and the User,
just one of them. Not that, as I understand the problem more, that's a
concern, but we're at the "let's be really clear about what the
vulnerabilities really are as we see them" stage of the conversation.
Dan
_______________________________________________
general mailing list
general at openid.net
http://openid.net/mailman/listinfo/general
More information about the general
mailing list