Announcements:

I am currently writing at Computelogy.com actively and that's why i sort of abandoned my own tech blog. Since i am too busy to be taking care of both sides, i guess this blog will go into hibernation for a very very long time. Regrettable, but then it's hard to come up with new posts & stuffs.

So once again, i am now writing actively at Computelogy. Feel free to visit there and enjoy our latest articles and posts!

November 10, 2008

Online Threats: Pharming


I once talked about phishing, which is essentially, a form of online identity theft through means of deceptions. Later, it occurs to me that i should talk about another online threat, pharming, which is closely related to phishing, though at a much lower scale.

Pharming is a type of hacker's attack with the motive of redirecting a website's traffic to another bogus website. Hackers achieve the feat of pharming through two techniques: first, the modification of the host file on a victim's PC or through exploitation of a vulnerability in DNS server software. Like phishing, the motive of applying pharming is also to trick users into revealing sensitive information over the internet, and both methods can be combined together for the greatest effect. An action of infecting DNS by pharming is normally called "DNS poisoning".

Illustration on how antipharming works. First, the attacker "poison" a DNS server, which provides user information on the web. When a user asked for information retrieval, the poisoned DNS server will point the user to another bogus website, where the hackers can start their information-thieving activities.

One thing that is so tricky about this online threat is that even though they are rarely used, they are practically undetectable by security software such as antivirus and antispyware software. Despite the fact that there are antipharming tools available out there, they are so rare that normal users will less likely able to find a really good one that offers real protection. One of the antipharming software i knew of is included in the Norman Security Suite v7, a very little-known antivirus and antispyware software. I will post something on Norman Security Suite in the future.

Norman Security Suite/ Norman Virus Control, one of the few available security software tools with pure antipharming protection.

There are little ways of protecting yourself against pharming, but beside using antipharming tools, one of the best free thing you can take notice of is to make sure that whenever you're making a transaction or exchange of personal information online, make sure that you are in a Secure Socket Layered (SSL) environment. As i had mentioned before (check my previous post on Online Threats), users can anticipate that they are in a SSL environment when the hypertext protocol is shown as https:// instead of the usual http://. That simply means that the transaction area you're in is certified by the company itself and therefore, safe to do anything you want to.

Masterminded by James on 12:13 PM

0 opinion:

Post a Comment

Subscribe to: Post Comments (Atom)

Review Digital Plexus

I do not know how well this blog is doing unless there are feedbacks. Please do leave a review or two with us on how you think about Digital Plexus, its authors or the qualities of the posts. Good and bad comments are all welcomed, but please avoid posting rude/obscene comments that are not helpful to any of us working on this blog:

Disclaimer:

This blog is dedicated for the benefits of those who seeks experiences, knowledge or information in the computer, IT news, technology and software & hardware area. Digital Plexus cannot control how readers use the information, including any fraudulent conducts, illegal activities or deeds as regard by the law. Therefore, Digital Plexus & its authors shall not be liable to any damages caused by readers who misuse the information provided.

Digital Plexus utilizes information from many sources, including personal experiences of authors. Digital Plexus will never claim credits or ownership rights regarding the information it used in the blog, except for the raw articles posted on the blog - those are original materials written by the authors of Digital Plexus itself after the compilation of various information and/or experiences.

Followers

  © Blogger templates 'Neuronic' by Ourblogtemplates.com 2008

Back to TOP