Category Archives: Network Security

The Prevelance of DNS Cache Poisoning in Many Developing Countries

Posted by D. Horst on

How to Prevent DNS Spoofing

DNS cache poisoning (DNS spoofing) means you are being redirected to an IP address other than the one you intended to go to because the DNS name server you are using has been successfully attacked.  Your new destination may look exactly like your intended destination.  Downloading malware at the fake site is a common next step for the victim.

The main problem is that ISPs in many developing countries do their DNS resolution on the cheap, or they do not know how to properly set it up (or both).  Software that could prevent problems like DNS spoofing is often not bothered with.  Sometimes the ISP just does not care.

What can one do?  Use Mozilla and the WorldIP add-on.  WorldIP actually warns you of attacks like this as they happen.  Use HTTPS Everywhere.  If your destination site has HTTPS, then you can check to see that a valid certificate was issued to the owner of the website you are visiting.  Use a VPN.  VyprVPN is a good choice.  If you are at home in a developed country prior to taking a foreign trip, then have VyprVPN set up on your computer before you go venturing out into the wilds of the unknown.  VyprVPN, with its own NAT Firewall and DNS servers, will assure that you do not fall victim to DNS cache poisoning while traveling.

HTTPS Everywhere

Posted by D. Horst on

HTTPS Everywhere        HTTPS Everywhere

This is an extremely beneficial add-on to enhance your privacy and security.  Currently, it works with Chrome, Mozilla Firefox, and Opera.  It arose as a cooperative effort between the Tor Project and the Electronic Frontier Foundation.

HTTPS Everywhere guarantees you server authentication, data confidentiality, and data integrity.  It activates the HTTPS features of the websites you visit, if those exist.  Your browser will not even attempt an insecure connection, and this can prevent an attack called “SSL stripping.”

It does not hide the identities of the websites you go to.  Nor does it somehow make those websites safe.  It merely activates the HTTPS security features of the sites you browse if those are present.  This can be a significant plus for your privacy and security. The Tor browser comes with HTTPS Everywhere by default.

https://www.eff.org/https-everywhere

The Armored Car Problem

Posted by D. Horst on

You need to transport something extremely valuable from place A to B here in the sublunary sphere.

You feel confident because you have an armored car.  The walls of the car are incredibly strong.  The builders thought of everything.  The guards, two serious people, know how to drive and how to shoot.  You trust them, and you are correct to do so.

But the stark problem comes when they arrive at the bank and it is not the real bank.