What does this whole internet DNS flaw thingy mean for regular people (who bank online)?
Asked by
kevbo (
25672)
August 14th, 2008
What is the potential for disaster and what should we look out for?
Observing members:
0
Composing members:
0
2 Answers
I wouldn’t be too worried as I imagine most larger ISPs have updated their DNS servers by now. It’s more smaller companies and ISPs who may not have updated their DNS servers which could be under threat from attacks.
You can check if you’re okay or not by doing a DNS check.. There’s one on the blog of the person who found the vulnerability and another at DNSstuff. If doing those tests renders bad results, contact your ISP or use different DNS servers than those provided by your ISP, such as OpenDNS
Another (easy) way to check that you’re actually on the correct site before logging in properly can be to try logging in using a password which you know is incorrect. If it rejects you, you know you’re on the real site. If it lets you in, you know it’s a scam.
My ISP (which shall remain nameless) failed the DNS check at DoxPara Research.
My work-around was to change my router’s DNS to OpenDNS (instead of the ISP’s default). I also emailed the customer service of my ISP to let them know they need to get their DNS patched.
Answer this question
This question is in the General Section. Responses must be helpful and on-topic.