| Comcast’s DNS records hijacked, redirect to hacked page
Comcast’s DNS records hijacked, redirect to hacked page | Zero Day | ZDNet.com
DNS is how URLs like "www.yahoo.com" get mapped to IP addresses like 209.191.93.52. A DNS server is a computer that does the mapping for any client (like a browser) who requests it. A properly configured DNS server always makes sure the URL maps to the currently valid IP address, but if the wrong person gains access to the DNS server, they can remap the URL to point to some other IP address instead. After that, any client who requests that DNS server to resolve the URL will be directed to the new IP address. So I'm pretty sure that's what happened to Comcast. I don't know whether they're hosting their own DNS server or if they lease one from a 3rd party, but somebody got into that server and remapped their "www.comcast.net" URL to this page: 
__________________
"Preventive war was an invention of Hitler. Frankly, I would not even listen to anyone seriously that came and talked about such a thing.” -Dwight D. Eisenhower
Last edited by Binary_Digit : 05-30-08 at 09:42 PM.
| 
Linear Mode
Main
Extras
