[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Captive-portals] poor captive port design --- A Deep Dive on the Recent Widespread DNS Hijacking Attacks — Krebs on Security

On 2019-02-21 11:00 a.m., Michael Richardson wrote:
From https://krebsonsecurity.com/2019/02/a-deep-dive-on-the-recent-widespread-dns-hijacking-attacks/

"The two people who did get popped, both were traveling and were on their
iPhones, and they had to traverse through captive portals during the hijack
period,” Woodcock said. “They had to switch off our name servers to use the
captive portal, and during that time the mail clients on their phones checked
for new email. Aside from that, DNSSEC saved us from being really, thoroughly

Michael Richardson <mcr+[email protected]>, Sandelman Software Works
 -= IPv6 IoT consulting =-

Captive-portals mailing list
[email protected]
The active element here seems to be the forced use of insecure DNS servers. 

The fact that the insecure DNS configuration was forced in order to navigate a Captive Portal is incidental, though unfortunate.

Christian Saunders
Sr. Software Architect, Wireless Core
Shaw Communications Inc.