Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
IceWM
InterNIC
Expat (XML)
Session Initiation...
Prototype pattern
Ted (word processor)
RDF/monobook.jsbak
recommendation
compare webbrowser
Freenet DSL
Who's Online
9 user(s) are online (7 user(s) are browsing encyclopedia)

Members: 0
Guests: 9

more...
browser tip
Unix Befehle
manual of unix befehle
recommendation!
Sponsored
partner

Pharming

: For pharming in . Pharming is the Exploit (computer security) of a vulnerability in the Domain name system Software that allows a cracker (computing) to acquire the Domain name for a website, and to redirect that website s traffic to another web site. DNS servers are the computer responsible for resolving internet names into their real IP address — the signposts of the Internet.

The term pharming is derived from the term Phishing, the use of a social engineering (computer security) attack to obtain access credentials such as usernames and passwords. To date however the use of pharming to perform Internet crime for profit has not been demonstrated.

Every website on the Internet has a so-called IP Address which consists of four numbers, each between 0 and 255, which are separated by . (dots), for example 192.0.2.213 . These IP Addresses are comparable to the telephone numbers on a telephone system. As it would be very difficult to remember these numbers, websites usually also have a domain name, for example www.google.com . The domain name server acts as a phone book to associate the domain name of a website with its IP Address ( resolving the domain name ).

If the web site receiving the traffic is a fake web site, such as a copy of a bank s website, it can be used to phish or steal a computer user s passwords, Personal identification number or Bank account number. Note that this is only possible when the original site wasn t Secure Sockets Layer protected, or when the user is ignoring warnings about invalid server Public key certificate.

For example, in January 2005, the Domain Name for a large New York Internet service provider, Panix, was hijacked to a site in Australia. In 2004 a Germany teenager hijacked the EBay.de Domain Name.

Communications security E-mail provider Hushmail was also caught by this attack on 24th of April 2005 when the attacker rang up the domain registrar and gained enough information to redirect users to a defaced webpage.

=Controversy over the use of the term=

The term pharming is controversial within the field. At a conference organized by the Antiphishing Working Group, Phillip Hallam-Baker denounced the term as a marketing neologism designed to convince banks to buy a new set of security services.

=See Also=

  • Anti-pharming
  • Phishing

    • = References =

  • =External links=

    *[http://www.pharming.org Pharming.org: Avoid becoming a victim of a pharming attack] *[http://www.greenarmor.com Green Armor Solutions Identity Cues] *[http://reviews.zdnet.co.uk/software/internet/0,39024165,39188617,00.htm ZD Net Article Alarm over Pharming Attacks] *[http://www.wired.com/news/infostructure/0,1377,66853,00.html Wired News: Pharming Out-Scams Phishing] *[http://www.zone-h.org/defacements/mirror/id=2309823/ Archive of the defaced Hushmail.com homepage] *[http://www.networkworld.com/columnists/2005/062705edit.html Network World Article on New Anti-Pharming Technology] *[http://www.eweek.com/article2/0,1759,1791152,00.asp eWeek article on the Hushmail.com DNS pharming attack]