I guess history decided the previous discussion in favor of vix. Although I doubt vix sees this compromise at ATT as a victory, but rather a loss. Note: HD has not been compromised. Gadi. ---------- Forwarded message ---------- Date: Wed, 30 Jul 2008 11:46:49 -0700 From: Dragos Ruiu <dr@kyx.net> To: Paul Ferguson <fergdawg@netzero.net> Cc: funsec@linuxbox.org Subject: Re: [funsec] Subject line misleading. AT&T Pwned. Sweet Irony: Metasploit Creator a Victim of His Own Creation On 29-Jul-08, at 10:01 PM, Paul Ferguson wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Via PC World (IDG).
[snip]
HD Moore has been owned.
That's hacker talk, meaning that Moore, the creator of the popular Metasploit hacking toolkit has become the victim of a computer attack.
It happened on Tuesday morning, when Moore's company, BreakingPoint had some of its Internet traffic redirected to a fake Google page that was being run by a scammer. According to Moore, the hacker was able to do this by launching what's known as a cache poisoning attack on a DNS server on AT&T's network that was serving the Austin, Texas area. One of BreakingPoint's servers was forwarding DNS (Domain Name System) traffic to the AT&T server, so when it was compromised, so was HD Moore's company.
When Moore tried to visit Google.com, he was actually redirected to a fake page that served up a Google page in one HTML frame along with three other pages designed to automatically click on advertisements.
[snip]
More: http://www.pcworld.com/article/149126/2008/07/.html
- - ferg
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017)
wj8DBQFIj/Wrq1pz9mNUZTMRAmAhAJ9lT5hosH5xBOWOsTFArDsw1MGN1ACg+wQR a12h7wcZ9hy0JN2DtHkuZGo= =Wv/X -----END PGP SIGNATURE-----
-- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.