pageoneresults - 10:20 pm on Apr 10, 2006 (gmt 0) 2005 March 31 - The Handler's Diary DNS Poisoning Stats Okay, get ready for this and remember, this is just one incident.
From the SANS Website...
The DNS spoofing attack on March 3rd redirected affected users to a set of compromised web servers. Some of the administrators of these servers agreed to share logs collected during the attack (THANKS!). Based on these logs, we collected the following statistics:
2005 March 31 - The Handler's Diary
DNS Poisoning Stats
Okay, get ready for this and remember, this is just one incident.
Let's say you're on a server that allows for DNS Recursion (according to reports, 75% of servers out there allow for recursion) and the hacker has poisoned the cache. This means that the hacker has control over all domains on that server and can redirect traffic at will. Would you notice this? Probably not immediately and maybe even never because it is being done so slyly that the average user would never know.
How many of you really know how to read the raw server logs to effectively determine how much is happening on your server? I know I'm still learning and my brain hurts! But, I've got to do it if I plan on surviving what I see as being a major threat to the search engine marketing industry and website owners all over the world.