[106164] in North American Network Operators' Group
Re: Exploit for DNS Cache Poisoning - RELEASED
daemon@ATHENA.MIT.EDU (Matthew Kaufman)
Wed Jul 23 23:56:37 2008
Date: Wed, 23 Jul 2008 20:53:30 -0700
From: Matthew Kaufman <matthew@eeph.com>
To: Skywing <Skywing@valhallalegends.com>
In-Reply-To: <982D8D05B6407A49AD506E6C3AC8E7D66150B24CB6@caralain.haven.nynaeve.net>
Cc: "nanog@merit.edu" <nanog@merit.edu>
Reply-To: matthew@eeph.com
Errors-To: nanog-bounces@nanog.org
Skywing wrote:
> Bookmarks or favorites or whatever your browser of choice wishes to call them, for the https URLs. That, or remember to type in the https:// prefix.
>
> - S
>
Which works great until you run into something like Washington Mutual
(of which you have no doubt heard)...
http://www.wamu.com redirects to
http://www.wamu.com/personal/default.asp
and
https://www.wamu.com *also* redirects to
http://www.wamu.com/personal.default.asp (!)
And yes, then you're supposed to trust that the page you've been served
up will send the form submit with your username and password to the
right place over https.
They do now have a link to
https://online.wamu.com/IdentityManagement/Logon.aspx on that main page,
but you have to look for it. But really, https://www.wamu.com should
redirect to *that* in order for it to be safe for the
slightly-knowledgeable-about-http-security.
Matthew Kaufman
matthew@eeph.com
http://www.matthew.at
