dns spoofing – Page 5 – WindowsTechs.com

What portion of recursive (ISP, public, etc.) nameservers validate DNSSEC strictly?

Posted on March 5, 2020 by R.. GitHub STOP HELPING ICE

I’m adopting/setting up DNSSEC on my domains for the first time, and curious about the practical benefits I can expect. In theory, regardless of whether client/stub resolvers want checking, recursive nameservers can request signature chain… Continue reading What portion of recursive (ISP, public, etc.) nameservers validate DNSSEC strictly?→

LTE vulnerability allows impersonation of other mobile devices

Posted on February 26, 2020 by Danny Bradbury

Researchers have found a way to impersonate mobile devices on 4G and 5G mobile networks, and are calling on operators and standards bodies to fix the flaw that caused it. Continue reading LTE vulnerability allows impersonation of other mobile devices→

The security of IP whitelisting large ranges

Posted on February 25, 2020 by John Halstead

I am not a network expert but; a recent conversation has come up with a client asking to whitelist a range of ip’s (let’s say 250 odd for now) to transfer their data to us for processing.
I should add here that we would provide an IP addr… Continue reading The security of IP whitelisting large ranges→

Are ARP spoofing attacks prominent in 2020?

Posted on February 8, 2020 by secdev1l

I recently attempted some arp spoofing attacks on a xfinity xfi router using morpheus:
https://github.com/r00t-3xp10it/morpheus

I was unable to successfully redirect traffic of target machines on LAN. Does ARP spoofing work anymore, has W… Continue reading Are ARP spoofing attacks prominent in 2020?→

Bettercap DNS and ARP spoofing only denies access to website

Posted on November 30, 2019 by pythonier500

I recently have been using Bettercap and have been trying to use the dns spoof feature to redirect websites to my Apache server which has a beef hook embedded. It is very simple theoretically, but when I use the dns and arp features, it o… Continue reading Bettercap DNS and ARP spoofing only denies access to website→

DNS Spoof Printer on network

Posted on October 15, 2019 by iamPres

I was wondering if it would be possible to arp spoof my printer and router

arpspoof -t printer router

arpspoof -t router printer

and then reroute all print requests to my CUPS print server on localhost?

dnsspoof -f host… Continue reading DNS Spoof Printer on network→

ARP spoofing + DNS spoofing

Posted on September 10, 2019 by turmuka

To make a prank on a friend, and also for educational purposes, I am trying to hack a DNS server in my local network. I am using Windows. I used arpspoof from GitHub.

Can someone please elaborate on how to take the next step on altering t… Continue reading ARP spoofing + DNS spoofing→

How to still allow plain HTTP while preventing accidental use?

Posted on August 24, 2019 by Reinaert Van de Cruys

I have a website that must be available over both HTTP and HTTPS, however I only want people to use HTTP if they really need to (obviously). The idea I came up with is to have redirection to HTTPS, along with HSTS, on mydomai… Continue reading How to still allow plain HTTP while preventing accidental use?→

Build a C2C server to communicate with malware

Posted on July 16, 2019 by Gina Diel

So, I have a piece of linux malware that communicates with a C2C server that is no longer active. I have reverse-engineered the malware and figured the commands that it expects. It uses IRC for its communication. I would like… Continue reading Build a C2C server to communicate with malware→

What is the most secure way to store cross subdomain cookies

Posted on July 2, 2019 by Jackie

I am working for a company we will call “Company x”. This company has a domain companyx.com. They have a cloud platform that manages things like SSL, but in order to do this you are required to use that domain. There are 3 apps app1, app2 … Continue reading What is the most secure way to store cross subdomain cookies→