| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 16 Apr 2006 14:32:29 +1200 From: "Jamie Riden" <jamesr@...ope.com> To: bugtraq@...urityfocus.com Cc: allbery@....cmu.edu Subject: Re: [Full-disclosure] Microsoft DNS resolver: deliberately sabotaged hosts-file lookup On 14/04/06, Brandon S. Allbery KF8NH <allbery@....cmu.edu> wrote: > > On Apr 13, 2006, at 1:29 , Dave Korn wrote: > > > Hey, guess what I just found out: Microsoft have deliberately > > sabotaged > > their DNS client's hosts table lookup functionality. > > I thought this was part of avoiding malware attempts to block Windows > Update. In that case, they should allow us to add symantec et al - it's not much use having Windows Update working while the machine is happily rootkitted. Grepping hosts files across campus for 127.0.0.1 ... liveupdate.symantec.com - or your local equivalent - can prove interesting. If it was a feature, I'd expect there to be ways to add to the list of pass-through domains, or ways to disable it. cheers, Jamie -- Jamie Riden / jamesr@...ope.com / jamie.riden@...puter.org "Microsoft: Bringing the world to your desktop - and your desktop to the world." -- Peter Gutmann
Powered by blists - more mailing lists