Results 1 to 10 of 29

Thread: A new threat?

Hybrid View

  1. #1
    Join Date
    Jul 2005
    Beans
    412

    A new threat?

    Hello,

    It's possible for someone who hacks into a router to change the DNS server ip addresses for that router and thus redirect users(connected to that router) who are accessing the internet to malicious websites in order to steal information from the users and do other unpleasant things.

    I was under the impression that to protect against this, all I have to do is specify trusted DNS server ip addresses in my laptop itself and thus all DNS requests from my computer would ignore and bypass the DNS servers specified in the router(by the hacker) and all DNS server requests from my computer would go to the trusted DNS servers I specified in my laptop. This is supposed to protect me from being mis-directed to the malicious sites and from other traps set up by the hacker. But, after reading this website: http://hackercodex.com/guide/how-to-...ver-hijacking/ I am not too sure anymore. Can you read this webpage and give me some feedback regarding this?

  2. #2
    Moose is offline Gee! These Aren't Roasted!
    Join Date
    Aug 2012
    Location
    Australia
    Beans
    Hidden!
    Distro
    Ubuntu 12.10 Quantal Quetzal

    Re: A new threat?

    Makes you worry some of the things hackers can do..

  3. #3
    Join Date
    Mar 2011
    Beans
    665

    Re: A new threat?

    If your router is performing DNS resolution I guess. But your local system is going to be performing it.

    What they can do is intercept the DNS request via MITM (instead of just changing a router setting, which wouldn't do anything unless your system couldn't resolve the DNS AFAIK)because DNS isn't encrypted.

    It's the same way that when you visit a website over HTTP an attacker can put information into the page you view or they attacker can see that information.

    To solve this you can use DNSCrypt by OpenDNS. It encrypts DNS, although I'm not sure about the specifics.

  4. #4
    Join Date
    Apr 2011
    Location
    Maryland
    Beans
    1,461
    Distro
    Kubuntu 12.04 Precise Pangolin

    Re: A new threat?

    Boy, you're really concerned about hackers and your router aren't you? As others have said, just reset the router and the password and let it go.

    As Hungry Man says, I'm not sure a hacker that has changed the DNS settings on the router could do too much with the system. Further I'm not sure how the page you linked is related. In that case, the way I read it, the ISP was re-routing traffic where they wanted it. That was pretty independent of the users router, until the reconfigured it.

  5. #5
    Join Date
    Mar 2011
    Beans
    665

    Re: A new threat?

    In the case of ISPs redirecting traffic etc there is very little we can do. In various other governments less friendly to privacy we've seen SSL handshakes broken so that users are forced to use HTTP versions of websites or users are prevented from using TOR etc.

    Everything you do goes through your ISP at some point - your DNS, all traffic. So while you can have name resolution take place at your router the router just acts as an RX server - it still has to fetch from the ISP or through the ISP.

  6. #6
    Join Date
    Jul 2005
    Beans
    412

    Re: A new threat?

    So, what you guys are saying is that the best I can do is just set the DNS server ip addresses in my computer itself and hope for the best?

  7. #7
    Join Date
    Jul 2005
    Beans
    412

    Re: A new threat?

    Quote Originally Posted by drmrgd View Post
    Boy, you're really concerned about hackers and your router aren't you? As others have said, just reset the router and the password and let it go.

    As Hungry Man says, I'm not sure a hacker that has changed the DNS settings on the router could do too much with the system. Further I'm not sure how the page you linked is related. In that case, the way I read it, the ISP was re-routing traffic where they wanted it. That was pretty independent of the users router, until the reconfigured it.
    Hi!!

    I just came across that website when I was looking up DNS servers.

    Can a attacker do the same re-routing of dns traffic or can only the ISP do that?

  8. #8
    Join Date
    Jul 2005
    Beans
    412

    Re: A new threat?

    Any suggestions for how to set up dnscrypt in kubuntu 10.04 and ubuntu 12.04?

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •