Topics
Tags
Favorite Links
Translate
Pick Your Language
Security Books
Archives
Recent entries...
Twitter
Sponsored Ads
Popular Pages
Sponsored Ads
The Web Security Mailing List

« Browsers hacked in seconds in Pwn2Own contest | Main | Web Application Security Spending Relatively Unscathed By Poor Economy »

Malware installing rogue DHCP server

Sans published an entry about a new piece of malware that installs a rogue DHCP server that specifies a rogue DNS server, presumably for phishing and malware deployment. I wouldn't be surprised if this concept is fairly old but it appears to be the first time a common piece of malware is using this method. Frankly I'm surprised we haven't seen malware install DHCP servers and specify itself as the gateway allowing for sniffing of non HTTPS traffic from other clients on the same network. 

Read more: http://isc.sans.org/diary.html?storyid=6025

Posted by Robert A. on 03/19/2009 in IndustryNews , Off Topic , Worms | Permalink | Reddit

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!


Post a comment







Remember personal info?


Copyright 2000-2009 CGISecurity.com | Privacy Policy| java mailing list| resolve ip| Mailing Lists | Sony deals