RE: Pimping DNSSEC (was Re: DNSSEC - Signature Only vs the MX/A issue.)

["Hallam-Baker, Phillip" <pbaker@verisign.com>]

> From: Danny Mayer [mailto:mayer@gis.net] 

> I suspect that we will see demand for DNSSEC the first time 
> that a bank sees a poisoning attack and their customers get 
> redirected to a fake site and their accounts drained as a 
> result. Phishing attacks can be alleviated since you can tell 
> technologically that the site is not what it claims. Their 
> customers will demand it, the bank will be afraid not to do 
> it, the insurance companies make it a condition of coverage 
> of losses, etc. Then of course the military have a need for 
> it. Of course that still leaves the issue of validating 
> resolvers being not being widely deployed (okay, so only a 
> handful of people have deployed them).

This attack is happening but not quite in this way.

A spoofing attack only affects a local area. Seems that the use being made by the perpetrators of DNS spoofing is to drive folk to fake versions of CNN etc. and try to load a trojan onto their machine.

A stolen CC number is worth less than a dollar. Downloading the trojan has a higher success rate and pays out rather more. 

The trojan could be a keystroke logger, a redialer or just recruit as a bot.


--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>