notsosecure.com/abusing-tcpip-name-resolution-windows-carry-out-phishing-attacks

Preview meta tags from the notsosecure.com website.

Linked Hostnames

4

Search Engine Appearance

Google

https://notsosecure.com/abusing-tcpip-name-resolution-windows-carry-out-phishing-attacks

Abusing TCP/IP name resolution in Windows to carry out phishing attacks.

I was playing with name resolution in windows and i found that it sends broadcast requests over the network for the hostnames not resolved by DNS or WINS services. This is characteristic behaviour of windows and *nix boxes do not send any such broadcast requests. As these are the broadcast request, these can easily be abused to carry out phishing attacks. I wrote a small paper



Bing

Abusing TCP/IP name resolution in Windows to carry out phishing attacks.

https://notsosecure.com/abusing-tcpip-name-resolution-windows-carry-out-phishing-attacks

I was playing with name resolution in windows and i found that it sends broadcast requests over the network for the hostnames not resolved by DNS or WINS services. This is characteristic behaviour of windows and *nix boxes do not send any such broadcast requests. As these are the broadcast request, these can easily be abused to carry out phishing attacks. I wrote a small paper



DuckDuckGo

https://notsosecure.com/abusing-tcpip-name-resolution-windows-carry-out-phishing-attacks

Abusing TCP/IP name resolution in Windows to carry out phishing attacks.

I was playing with name resolution in windows and i found that it sends broadcast requests over the network for the hostnames not resolved by DNS or WINS services. This is characteristic behaviour of windows and *nix boxes do not send any such broadcast requests. As these are the broadcast request, these can easily be abused to carry out phishing attacks. I wrote a small paper

  • General Meta Tags

    12
    • title
      Abusing TCP/IP name resolution in Windows to carry out phishing attacks. | NotSoSecure
    • charset
      utf-8
    • google-site-verification
      TPZ6OuPmijmkU03H4oYRwq-3Rm351vVjiht-_rHXuQ4
    • msvalidate.01
      21E2E81A8EF6FC0C9F7641AF99D113C9
    • viewport
      width=device-width, initial-scale=1.0, user-scalable=yes

  • Open Graph Meta Tags

    6
    • og:site_name
      NotSoSecure
    • og:type
      article
    • og:url
      /abusing-tcpip-name-resolution-windows-carry-out-phishing-attacks
    • og:title
      Abusing TCP/IP name resolution in Windows to carry out phishing attacks.
    • og:description
      I was playing with name resolution in windows and i found that it sends broadcast requests over the network for the hostnames not resolved by DNS or WINS services. This is characteristic behaviour of windows and *nix boxes do not send any such broadcast requests. As these are the broadcast request, these can easily be abused to carry out phishing attacks. I wrote a small paper on this. You can access it here. UPDATES: Here is good article from microsoft which discusses this process in detail. Here are a few drawbacks of this atatck: 1.

  • Twitter Meta Tags

    4
    • twitter:card
      summary
    • twitter:url
      /abusing-tcpip-name-resolution-windows-carry-out-phishing-attacks
    • twitter:title
      Abusing TCP/IP name resolution in Windows to carry out phishing
    • twitter:description
      I was playing with name resolution in windows and i found that it sends broadcast requests over the network for the hostnames not resolved by DNS or WINS services. This is characteristic behaviour of

  • Link Tags

    12
    • canonical
      /abusing-tcpip-name-resolution-windows-carry-out-phishing-attacks
    • shortcut icon
      /sites/all/assets/nss/nss-favicon.ico
    • shortlink
      /node/4049
    • stylesheet
      /sites/all/assets/nss/css/css_xE-rWrJf-fncB6ztZfd2huxqgxu4WO-qwma6Xer30m4.css
    • stylesheet
      /sites/all/assets/nss/css/css_O97MTOZ3o6nAruStzU6j43DrFYeHiZyhTmOeowScO7Y.css

Links

45