Maybe you heart about the “new” DNS exploit found by Mr. Kaminsky.
Basics:
- Your surfing to your bank website.
- Your computer checks where it can find www.nicebank.com
- If your router doesn’t know, it will ask the ISP DNS server.
- This response from your ISP DNS can be tricked.
- Your not going to the real www.nicebank.com, but to a faked website that logs your password.
- You will NEVER know, unless your money is gone.
It’s kinda more technical then explained here. If your interested in the technical details there is enough on the Internet. I like this powerpoint about it.
More imported for most people is to make sure the DNS they are using is not vulnerable anymore (yes ALL DNS Servers where!).
Although there is a patch, but this isn’t a real solution for the problem, it makes the exploit ALOT harder. But in theory its still exploitable. The only real solution is to use DNSsec. But this is not something you can install yourself (if you don’t want to run your own DNS server at home).
Check on this website if your using a save DNS server.