Adam Fields (weblog)

This blog is largely deprecated, but is being preserved here for historical interest. Check out my index page at adamfields.com for more up-to-date info. My main trade is technology strategy, process/project management, and performance optimization consulting, with a focus on enterprise and open source CMS and related technologies. I write periodic long pieces here; shorter stuff goes on Twitter or App.net.

2/7/2005

DNS spoofing attack

Filed under: — adam @ 12:55 pm

This seems pretty bad. It uses internationalized domain name (IDN) support for alternate character sets to substitute a different character that looks like an English one. Moreover, it works with SSL, too.

This goes right through SpoofStick. There’s a fix for Mozilla/Firefox: turn off international character support.

http://www.shmoo.com/idn/homograph.txt

There’s a demonstration of a fake paypal link here:

http://www.shmoo.com/idn/

The link is:
<a href='http://www.p&#1072;ypal.com/'>Click here to enter paypal</a>

Via boingboing.

(Update: You got your phishing scam in my internationalization! You got your internationalization in my phishing scam!)
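A defensive check for the lookalike link shown above, as an added example that is not part of the original post: it decodes the anchor's href, reports the hostname's ASCII (punycode) form, and flags labels that mix scripts. The function names and the name-based script heuristic are assumptions of this sketch.

```python
import unicodedata
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample: the anchor from the post, with the Cyrillic letter
# written as a numeric character reference (&#1072; = U+0430).
SAMPLE_HTML = '<a href="http://www.p&#1072;ypal.com/">Click here to enter paypal</a>'


class HrefCollector(HTMLParser):
    """Collect href values; HTMLParser decodes character references for us."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)


def scripts_in(label):
    """Heuristic (assumption): a letter's script is the first word of its Unicode name."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}


def audit_host(host):
    """Return the ASCII (punycode) form and any labels that mix scripts."""
    mixed = []
    for label in host.split("."):
        found = scripts_in(label)
        if len(found) > 1:
            mixed.append((label, sorted(found)))
    return {"host": host, "ascii": host.encode("idna").decode("ascii"), "mixed": mixed}


def audit_links(html):
    """Audit the hostname of every <a href> found in an HTML fragment."""
    parser = HrefCollector()
    parser.feed(html)
    parser.close()
    hosts = (urlsplit(h).hostname for h in parser.hrefs)
    return [audit_host(h) for h in hosts if h]


if __name__ == "__main__":
    for report in audit_links(SAMPLE_HTML):
        print(report)
```

A label built entirely from lookalike letters of a single script is not flagged as mixed, which is why the report also carries the ASCII form: an `xn--` label where a plain name was expected is the visible tell.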

