RayLopez99
This is incredible...I have to pick your brain please.
Very interesting--and I have something interesting that maybe you can
figure out. Yesterday I replaced my Sophos based anti-virus on my
Windows XP machine, called "Webroot AV" with the freeware by Comodo
antivirus. I'm very happy I did, for one thing Comodo scans faster,
is less intrusive, and found a few minor things that Webroot did not.
During the installation by Comodo, it gave the option of replacing
your existing DNS routers, with Comodo's DNS routers, to prevent "DNS
poisoning" (whatever that is, and I've read the Wikipedia entry). I
chose this option, and today when I tried to check out: http://speedtouch.lan
to change my Speedtouch Ethernet Router and Firewall password (per
your suggestion to make the hardware firewall password longer) I found
this site is no longer there! (says my browser: Oops! Google Chrome
could not find speedtouch.lan). What is happening? I can only guess
that somehow Comodo is intercepting all such requests and replacing
them with the error ( "404" or whatever code is used) page. Is this
possible? I thought this //speedtouch.lan page existed only on your
hardware, on your Speedtouch router that's 1 meter from my
computer?! But, reading this Wikipedia article:
(http://en.wikipedia.org/wiki/DNS_cache_poisoning) I see that I was mistaken
about where the "speedtouch.lan" page lived--I thought it was on my
router, hardwired, but apparently it lives on the ISP (Otenet in my
case) server. So what Comodo did was somehow (and I have no idea how
they did this--very clever of them!) change the DNS pointers that my
ISP uses to Comodo's DNS servers. Is that right? Or close to being
right in your opinion? Any insight appreciated.
And BTW, how common is DNS poisoning? I read the above Wikipedia
article and it seems it would only work with disreputable ISPs.
Otenet is the Greek national telephony carrier, and though their
service sucks, I would imagine they don't use disreputable tactics.
But maybe--and this is the key--despite any efforts they make, they
could have some virus or packet sniffer on their DNS servers that
maliciously diverts DNS queries, is that the idea?
RL
There is other malware on cracked ad and web servers which try to crack
your router while you read the web page. I have only seen one hit.