Thursday, July 31, 2008

Internet Security Advisory System

OK, so it looks like this DNS thing is pretty bad:
Miscreants are actively exploiting a gaping hole in the internet's address lookup system that can cause millions of web surfers to receive counterfeit pages when they try to access online banking services and other types of websites.
The problem is, unless you're a security geek like me (and you're not, or you wouldn't hang out here listening to my blather; just sayin'), nobody tells you how it effects you.

It's sort of like the Homeland Security Advisory System - lots of pretty colors and hyperventilating, signifying nothing of use to a normal person.

Just what the heck is anyone supposed to do when the threat level goes to Puce/Rouge/Commie Red? Beats me, and probably beats you, too. Same with Internet Security.

Until now. As a full service blog covering Internet Security, I offer the first practical Internet Exploit Threat Advisory system for the masses. It is descriptive, in that it gives a concise, one word description of the situation. It is practical, because it gives detailed advice that mom can use to stay safer for the duration of the situation.

So, with the DNS-exploit-from-Hell, where are we? Well, Scooter, move the slide up to "Dang". Don't go anywhere popular today, because the Bad Guys are setting up spoofed web sites that match them, and dumb old DNS lets them. Paypal is an example. Your online bank is another, but you already know my opinion there.

Now if you'll excuse me, as an Internet Security Professional, I need to fix a pitcher of Martinis ....

Oh, and El Reg says there is something you can actually do to help:
To test whether your ISP is an offender, please run the tests here or here, and report the results in the comments section. Be sure to include the name server's IP address and the name of the ISP.
No comment on whether the Bad Guys are spoofing the domains hosting the tests. Slide it right up to "Martini", Scooter ...

1 comment:

ASM826 said...

Bore Patch,

I like this alert better.

http://blog.wired.com/27bstroke6/2007/07/homeland-securi.html

I think we are currently at "Chicago Dog"