Originally posted by: Jeff7
A question then about router setup:
In my router, it uses DHCP to get the WAN info for the cable modem. This includes the DNS settings. The only way to edit the DNS servers is to set it to use a static IP.
So then the question:
If I change the DNS settings on my PC's Networking section, will it use those DNS servers instead of the router's?
Originally posted by: DisgruntledVirus
Well work hasn't fixed their DNS servers. We still are using "bad" DNS servers lol.
Originally posted by: StarsFan4Life
Originally posted by: OdiN
Originally posted by: StarsFan4Life
Originally posted by: Gooberlx2
Still vulnerable. I wonder if our IT dept even knows about this.
Was this referenced to me?
I sure hope you aren't part of any IT department.
Well I am and don't appreciate these comments. Just because I am part of an IT department, doesn't mean I know everything. I love to learn though.
Originally posted by: PlatinumGold
Originally posted by: StarsFan4Life
Originally posted by: OdiN
Originally posted by: StarsFan4Life
Originally posted by: Gooberlx2
Still vulnerable. I wonder if our IT dept even knows about this.
Was this referenced to me?
I sure hope you aren't part of any IT department.
Well I am and don't appreciate these comments. Just because I am part of an IT department, doesn't mean I know everything. I love to learn though.
:roll:
if you really love to learn, you would have done some research on your own. i mean seriously, asking how to put dns server setting into a router? sure, i understand asking those questions if you are not in IT, but claiming to work for an IT department and not know enough to figure out on your own how to put DNS SERVER SETTINGS manually into a router or even know where to do it is unforgivable.
big time :roll:
stop being a tool, just because someone works in IT does not automatically mean they know the inner workings of some off the shelf routerOriginally posted by: PlatinumGold
Originally posted by: StarsFan4Life
Originally posted by: OdiN
Originally posted by: StarsFan4Life
Originally posted by: Gooberlx2
Still vulnerable. I wonder if our IT dept even knows about this.
Was this referenced to me?
I sure hope you aren't part of any IT department.
Well I am and don't appreciate these comments. Just because I am part of an IT department, doesn't mean I know everything. I love to learn though.
:roll:
if you really love to learn, you would have done some research on your own. i mean seriously, asking how to put dns server setting into a router? sure, i understand asking those questions if you are not in IT, but claiming to work for an IT department and not know enough to figure out on your own how to put DNS SERVER SETTINGS manually into a router or even know where to do it is unforgivable.
big time :roll:
Originally posted by: Anubis
stop being a tool, just because someone works in IT does not automatically mean they know the inner workings of some off the shelf routerOriginally posted by: PlatinumGold
Originally posted by: StarsFan4Life
Originally posted by: OdiN
Originally posted by: StarsFan4Life
Originally posted by: Gooberlx2
Still vulnerable. I wonder if our IT dept even knows about this.
Was this referenced to me?
I sure hope you aren't part of any IT department.
Well I am and don't appreciate these comments. Just because I am part of an IT department, doesn't mean I know everything. I love to learn though.
:roll:
if you really love to learn, you would have done some research on your own. i mean seriously, asking how to put dns server setting into a router? sure, i understand asking those questions if you are not in IT, but claiming to work for an IT department and not know enough to figure out on your own how to put DNS SERVER SETTINGS manually into a router or even know where to do it is unforgivable.
big time :roll:
Originally posted by: StarsFan4Life
Originally posted by: Anubis
stop being a tool, just because someone works in IT does not automatically mean they know the inner workings of some off the shelf routerOriginally posted by: PlatinumGold
Originally posted by: StarsFan4Life
Originally posted by: OdiN
Originally posted by: StarsFan4Life
Originally posted by: Gooberlx2
Still vulnerable. I wonder if our IT dept even knows about this.
Was this referenced to me?
I sure hope you aren't part of any IT department.
Well I am and don't appreciate these comments. Just because I am part of an IT department, doesn't mean I know everything. I love to learn though.
:roll:
if you really love to learn, you would have done some research on your own. i mean seriously, asking how to put dns server setting into a router? sure, i understand asking those questions if you are not in IT, but claiming to work for an IT department and not know enough to figure out on your own how to put DNS SERVER SETTINGS manually into a router or even know where to do it is unforgivable.
big time :roll:
Thank you!
Now back to topic at hand here.
Originally posted by: PlatinumGold
Originally posted by: StarsFan4Life
Originally posted by: Anubis
stop being a tool, just because someone works in IT does not automatically mean they know the inner workings of some off the shelf routerOriginally posted by: PlatinumGold
Originally posted by: StarsFan4Life
Originally posted by: OdiN
Originally posted by: StarsFan4Life
Originally posted by: Gooberlx2
Still vulnerable. I wonder if our IT dept even knows about this.
Was this referenced to me?
I sure hope you aren't part of any IT department.
Well I am and don't appreciate these comments. Just because I am part of an IT department, doesn't mean I know everything. I love to learn though.
:roll:
if you really love to learn, you would have done some research on your own. i mean seriously, asking how to put dns server setting into a router? sure, i understand asking those questions if you are not in IT, but claiming to work for an IT department and not know enough to figure out on your own how to put DNS SERVER SETTINGS manually into a router or even know where to do it is unforgivable.
big time :roll:
Thank you!
Now back to topic at hand here.
topic hand, exactly, shouldn't be about, oh, can someone please hold my hand and help me step by step putting dns server settings in my router. :roll:. it would have taken you all of 30 seconds to do a google search on the brand of your router and found more than enough documentation to take you thru how to do it.
my problem isn't with ignorance, it's that you are unwilling to do a little work on your own to figure it out. this is no different than high school kids posting math problems so that we can help them with their homework. that is frowned upon here, i'm surprised this isn't.
It's probably due to load. If you're on Firefox and have NoScript installed, that can also cause problems.Originally posted by: geokilla
Guys help. I tried checking my DNS thingy from the site in the first post, but I can't seem to open the webpage. If the webpage works and I click check my DNS, it doesn't load. Does this mean my DNS server is affected?
Originally posted by: Lifted
Had to email my ISP about this. They emailed me back within an hour stating the DNS server was patched. So much for testing. :roll:
Anyway, maybe somebody could think this through a bit better than I can...
If a record was successfully poisoned, is there any way for the false site to use SSL without any warning dialogs popping up in the browser (assuming they haven't been disabled)?
If the phishing site is hosted at 123.123.123.123 and has people thinking they are at www.mybank.com, and they use SSL so as not to make people suspicious and keep the scam going longer, all browsers will display a warning that the URL in the SSL cert (www.gimmieyourbankaccount.com) is not the same site as the URL in the browser (www.mybank.com).
Is there any way for them to get around this? If SSL is still safe then those who are aware enough to check that they are using a secure connection before logging in anywhere should still be safe.
Originally posted by: Lifted
Had to email my ISP about this. They emailed me back within an hour stating the DNS server was patched. So much for testing. :roll:
Anyway, maybe somebody could think this through a bit better than I can...
If a record was successfully poisoned, is there any way for the false site to use SSL without any warning dialogs popping up in the browser (assuming they haven't been disabled)?
If the phishing site is hosted at 123.123.123.123 and has people thinking they are at www.mybank.com, and they use SSL so as not to make people suspicious and keep the scam going longer, all browsers will display a warning that the domain in the SSL cert (gimmieyourbankaccount.com) is not the same site as the domain in the browser (mybank.com).
Is there any way for them to get around this? If SSL is still safe then those who are aware enough to check that they are using a secure connection before logging in anywhere should still be safe.
Originally posted by: spidey07
Yes, have access the the certificate file. But if they have that you're screwed.
Or change your browsers certificate trust list to trust your bogus cert, this is how you do SSL proxying and monitoring.
SSL is still safe as long as you check the cert and provided you have not malware on your machine that has modified your browsers cert trust list.
Your name server, at xxx.xxx.xxx.xxx, may be safe, but the NAT/Firewall in front of it appears to be interfering with its port selection policy. The difference between largest port and smallest port was only 46.
xx.xx.xx.xx appears to have POOR source port randomness and GREAT transaction ID randomness.
Originally posted by: nordloewelabs
ok, this has been asked before but noone answered the posters, so i'll give it a try and ask it again. this is the reply i get from http://www.doxpara.com:
Your name server, at xxx.xxx.xxx.xxx, may be safe, but the NAT/Firewall in front of it appears to be interfering with its port selection policy. The difference between largest port and smallest port was only 46.
i'm glad it says "i'm safe", however i'm curious about the bits that say there's an interference with "port selection policy" and the "difference between the ports".
the from http://entropy.dns-oarc.net/test gives me:
xx.xx.xx.xx appears to have POOR source port randomness and GREAT transaction ID randomness.
so my question is, is it GOOD, OK or BAD? i can tell it isnt optimal! :-s any way i can improve my security?
Exactly. I just heard of this exploit now. Last night I was running some numbers on my finances so I was hitting my bank and both credit card sites. I just checked and the certificate for my credit union and Discover looks legit, but the login page for Chase isn't SSL secure (the page itself), so I can't tell. Doxpara said I should be safe, hopefully that is true.Originally posted by: spidey07
Modelworks - read my post up above. A LOT of banking/credit card/shopping sites the main page is not SSL and there is an area to enter your username/pass. Of course the username/pass is sent with SSL on the real site and the next page is SSL as well.
So all I gotta do is slap up a page identical to the banks, your browser will show http://www.usbank.com but your connected to my web server, not the banks. Then you enter your username/pass, now I has it.
There is no way to tell if the site is legit or not this way
Originally posted by: duragezic
Exactly. I just heard of this exploit now. Last night I was running some numbers on my finances so I was hitting my bank and both credit card sites. I just checked and the certificate for my credit union and Discover looks legit, but the login page for Chase isn't SSL secure (the page itself), so I can't tell. Doxpara said I should be safe, hopefully that is true.Originally posted by: spidey07
Modelworks - read my post up above. A LOT of banking/credit card/shopping sites the main page is not SSL and there is an area to enter your username/pass. Of course the username/pass is sent with SSL on the real site and the next page is SSL as well.
So all I gotta do is slap up a page identical to the banks, your browser will show http://www.usbank.com but your connected to my web server, not the banks. Then you enter your username/pass, now I has it.
There is no way to tell if the site is legit or not this way
I'm on TWC RoadRunner in New York.