January 28, 2012

3.2.12 Parming


Pharming is a hacker's attack aiming to redirect a website's traffic to another, bogus website. Pharming can be conducted either by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real addresses — they are the "signposts" of the Internet.

Compromised DNS servers are sometimes referred to as "poisoned".

More worrisome than host file attacks is the compromise of a local network router. Since most routers specify a trusted DNS to clients as they join the network, misinformation here will spoil lookups for the entire LAN.

Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent Web sites without their knowledge or consent.

In pharming, larger numbers of computer users can be victimized because it is not necessary to target individuals one by one and no conscious action is required on the part of the victim.
Pharming has been called "phishing with a grenade."

Pharming is more difficult to detect because it does not rely on the victim accepting a “bait” message. Users can be redirect to bogus Web site for example, even if they type the right Web address of their bank or other online service into their Web browser.

Related Terms
DNS cache poisoning – an attack on the Internet naming system
Domain spoofing


No comments:

Post a Comment