L?i DNS nghi�m tr?ng c�n ?nh h??ng t?i c? email

L?i m�y ch? ?i?u h??ng DNS ??c bi?t nghi�m tr?ng kh�ng ch? cho ph�p hacker d?n ng??i d�ng web sang website gi? m?o, m� c�n can thi?p c? v�o qu� tr�nh nh?n-g?i email nh?m ?n tr?m c�c th�ng tin nh?y c?m.



T?i h?i th?o hacker M? ?en (Black hat hacker conference) t?i Las Vegas, chuy�n gia an ninh Dan Kaminsky, thu?c h�ng b?o m?t IOActive, v?a ch�nh th?c c�ng b? l?i b?o m?t nghi�m tr?ng c?a c�c m�y ch? ?i?u h??ng DNS. Nh? ?� bi?t, l?i n�y gi�p hacker c� kh? n?ng chuy?n h??ng ng??i truy c?p website b?t k� sang m?t site gi? m?o kh�c. ?�y l� v?n ?? ??c bi?t nghi�m tr?ng, do k? x?u c� th? x�y d?ng website gi? gi?ng h?t site c?a c�c d?ch v? mua b�n tr?c tuy?n, ng�n h�ng v.v.. ?? d? ng??i d�ng cung c?p m?t kh?u.



K? t? ng�y c�ng b? ph�t hi?n c?a m�nh, h�m 8/7, Kaminsky tu�n th? "lu?t im l?ng", cho c�c nh� cung c?p d?ch v? Internet (ISP) th?i gian ?? s?a l?i. Nhi?u ISP nhanh ch�ng s?a l?i, v� c�c h�ng l?n nh? Microsoft, Cisco, Sun Microsystem c?ng ngay l?p t?c tung ra b?n v� "b?t" l? h?ng. Theo nh? Kaminsky b�nh lu?n: "C? ng�nh c�ng nghi?p c�ng chung tay h�nh ??ng v?i quy m� ch?a t?ng c� tr??c ?�y".



M?c d� c�c chuy�n gia b?o m?t ?o�n ?�ng ???c ph�t hi?n c?a Kaminsky v� tung ra b?n s?a l?i sau ?�, anh v?n gi? c�n b� m?t ?? "b?t m�" t?i H?i th?o hacker l?n n�y. Kaminsky kh?ng ??nh kh�ng ch? m�y ch? ?i?u h??ng, nhi?u m�y ch? email r?t nh?y c?m v?i l?i DNS n�i tr�n. Hacker c� th? l?i d?ng ?i?u n�y ?? can thi?p v�o qu� tr�nh g?i-nh?n email v� chuy?n h??ng g?i email t?i m�y ch? kh�c thay v� ??a ch? th?c.



?a s? website ??u c� ch?c n?ng b�o m?t m?t kh?u, ?? sau ?� site s? t? g?i m?t kh?u m?i t?i email ??ng k� c?a ng??i d�ng. Do ?�, kh�ng ch? "t?c m?ch" v�o n?i dung c?a email b? g?i nh?m ??a ch?, k? x?u c�n c� th? l?i d?ng t�nh n?ng tr�n ?? x�m nh?p v�o t�i kho?n n?n nh�n tr�n nhi?u website kh�c, ??c bi?t nghi�m tr?ng n?u l� c�c site giao d?ch tr?c tuy?n.



L?i tr�n c�c m�y ch? DNS ???c bi?t t?i v� s?a ch?a ngay l?p t?c, nh?ng h?u nh? ch?a ai ch� � t?i c�c m�y ch? email, m?c d� ch�ng c?ng c� t??ng t�c v?i c�c m�y ch? DNS v� "s? h?u" chung m?t l?i. Hacker nh? ?� c� th? chuy?n h??ng email t??ng t? nh? chuy?n h??ng truy c?p c?a ng??i d�ng t?i website n�i chung.



(Theo AP)

Submit Article :- Digg + Technorati + del.icio.us + Stumbleupon + Reddit + BlinkList + Furl + Yahoo+ Blogmarks + Ekstreme Socializer
POSTED IN : , , |

This entry was posted on 21:10 and is filed under , , .Follow any comments here with the RSS 2.0 . You can leave a response so that we can know your suggestion.
0 Responses to "L?i DNS nghi�m tr?ng c�n ?nh h??ng t?i c? email"

Đăng nhận xét