I think we are going to need a little bit more. How does the attacker get traffi... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

ipaddr on Aug 30, 2021 | parent | context | favorite | on: MarkMonitor left 60k domains for the taking

I think we are going to need a little bit more. How does the attacker get traffic to route to them?

lmm on Aug 30, 2021 [–]

DNS is not (yet) generally secured. An attacker who e.g. controls a wifi AP can just substituted their own DNS responses and redirect users to their own addresses, and their servers have valid certificates for the domains that they're supposed to be, so from the user side everything looks fine.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact