Aug 22 2008
When users mistype a domain name, they are sometimes directed by their ISPs to a placeholder Web site with generic advertisements. This is typically an additional revenue source for the ISP. In the case of CNC, customers of this prominent ISP are directed to a Web site under the control of an attacker.
I have tried a bunch of CNC nameservers and it seems that they have the typo redirects turned off or I haven’t tried the right nameserver yet.
In case you aren’t aware of what DNS cache poisoning is, check out this wikipedia.org article.
2 Responses to “CNC DNS Server Cache Poisoning”