pageoneresults - 6:42 pm on Apr 10, 2006 (gmt 0) SANS - Internet Storm Center Contents 1. How can others help? P.S. Has Google turned down your AdSense stating that there is a virus associated with your domain? The above may be the problem.
For anyone who might be interested, this summary from SANS is well written and easy to understand and describes everything you'll need to know as a marketer, website owner, server administrator, etc. about DNS Cache Poisoning. Many of you may not know it, but, is it possible that some of those problems you've just not been able to figure out are due to this type of technical foul play? If your server is open for DNS Recursion, then yes, you may be a victim. :(
The initial reports showed solid evidence of DNS cache poisoning, but there also seemed to be a spyware/adware/malware component at work. After complete analysis, the attack involved several different technologies: dynamic DNS, DNS cache poisoning, a bug in Symantec firewall/gateway products, default settings on Windows NT4/2000, spyware/adware, and a compromise of at least 5 UNIX webservers. We received information the attack may have started as early as Feb. 22, 2005 but probably only affected a small number of people. The Internet Storm Center is a volunteer effort and the better information that we receive from the community, the better analysis we can perform and contribute back to the community.
2. How do I recover from a DNS cache poisoning attack?
3. What software is vulnerable?
4. I am a dial-up/DSL/cable modem user -- am I vulnerable?
5. Where can I test my site to see if I am vulnerable?
6. What exactly is DNS cache poisoning?
7. What was the motivation for this type of attack?
8. Weren't DNS cache poisoning attacks squashed around 8 years ago?
9. What was the trigger for the attack?
10. How exactly did this DNS cache poisoning attack work?
11. What domain names were being hijacked?
12. What were the victim sites?
13. What malware was placed on my machine if I visited the evil servers?
14. Got packets?
15. Got snort?
SANS - Internet Storm Center
1. How can others help?
P.S. Has Google turned down your AdSense stating that there is a virus associated with your domain? The above may be the problem.